Lucene search
K

17 matches found

RedHat Linux
RedHat Linux
added 2 days ago5 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

7.8CVSS6.8AI score0.00165EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/07/07 6:51 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:9 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
AlmaLinux
AlmaLinux
added 2026/06/17 12:0 a.m.5 views

Important: xorg-x11-server security, bug fix, and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution du...

7.8CVSS7AI score0.00165EPSS
Exploits0References20
Cvelist
Cvelist
added 2026/06/05 10:31 a.m.74 views

CVE-2026-50256 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS0.00157EPSS
Exploits0References25
CVE
CVE
added 2026/06/05 10:31 a.m.55 views

CVE-2026-50256

The CVE affects the X.Org X server and Xwayland. A mismatch between the server and libXfont2 regarding maximum font name length (server-allocated 256-byte stack buffer vs libXfont2 name length up to 1024 bytes) allows a font alias name of 257–1023 bytes to overflow the stack during alias resoluti...

7.8CVSS5.8AI score0.00157EPSS
Exploits0References26Affected Software3
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-44149

Name of the Vulnerable Software and Affected Versions Symfony versions prior to 5.4 Description The SymfonyComponentYamlParser resolves YAML aliases during parsing. Aliases referencing collections, such as arrays, stdClass, or TaggedValue-wrapped collections, can point to other collections...

8.7CVSS6.1AI score0.00076EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.10 views

CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS5.8AI score0.00211EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.7 views

CVE-2026-32055

OpenClaw versions prior to 2026.2.26 contain a path traversal vulnerability in workspace boundary validation that allows attackers to write files outside the workspace through in-workspace symlinks pointing to non-existent out-of-root targets. The vulnerability exists because the boundary check...

8.2CVSS5.9AI score0.00322EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/24 1:17 a.m.4 views

CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS6.3AI score0.00211EPSS
Exploits1References3
OSV
OSV
added 2026/03/24 1:17 a.m.4 views

UBUNTU-CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS5.8AI score0.00211EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/03/24 12:6 a.m.6 views

CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS6AI score0.00211EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/24 12:6 a.m.2 views

CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS5.8AI score0.00211EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/19 12:50 p.m.6 views

Dasel has unbounded YAML alias expansion in dasel leads to CPU/memory denial of service

Summary dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the library's own UnmarshalYAML implementation, which manually resolves alias nodes by recursively following yaml.Node.Alias pointers without any...

6.2CVSS5.9AI score0.00211EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2016/07/14 5:50 a.m.7 views

nginx: Insufficient limits of CNAME resolution in resolver

It was discovered that nginx did not limit recursion when resolving CNAME DNS records. An attacker able to manipulate DNS responses received by nginx could use this flaw to cause a worker process to use an excessive amount of resources if nginx enabled the resolver in its configuration...

5.3CVSS5.8AI score0.08433EPSS
Exploits0References5
OSV
OSV
added 2016/02/15 7:59 p.m.6 views

DEBIAN-CVE-2016-0747

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service worker process resource consumption via vectors related to arbitrary name resolution...

5.3CVSS8.1AI score0.08433EPSS
Exploits0References1
Rows per page
Query Builder