249 matches found
UBUNTU-CVE-2026-52927
In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix OOB read in compatmtwfromuser Luxiao Xu says: The function compatmtwfromuser converts ebtables extensions from 32-bit user structures to kernel native structures. However, it lacks proper validation of th...
Linux Distros Unpatched Vulnerability : CVE-2026-52915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsn...
EUVD-2026-33433
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...
JLSEC-2026-541
A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Atacade: Ahci: Matching EMMAXSLOTS with SATAPMPMAXPORTS UBSAN reports an array-index-out-of-bounds issue: 1.980703 Kernel: UBSAN: Array-index out of bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 1.980709...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups. Oliver reported that x86pmudel actually performs an out-of-bound memory access when groupschedin fails and requires a rollback. This issue should be handled through transaction...
CVE-2026-43141
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from array out-of-bounds access during the 22000 series SMEM parsing in iwlwifi...
RHEL 8 : kernel (RHSA-2026:13577)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13577 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free speci...
Linux Distros Unpatched Vulnerability : CVE-2026-31614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offs...
CVE-2026-31607
In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...
CLSA-2026-1776362968 Fix CVE(s): CVE-2026-0968
SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...
CLSA-2026-1776361748 Fix CVE(s): CVE-2026-0968
SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006813)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006813 advisory. In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out o...
CVE-2026-33987 FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistentcachereadentryv3 in libfreerdp/cache/persistent.c, persistent-bmpSize is updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...
CVE-2026-23378 net/sched: act_ife: Fix metalist update behavior
In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: Fix metalist update behavior Whenever an ife action replace changes the metalist, instead of replacing the old data on the metalist, the current ife code is appending the new metadata. Aside from being...
CVE-2026-28493
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerabili...
CVE-2026-20426
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538...
MiracleLinux 8 : kernel-4.18.0-553.105.1.el8_10 (AXSA:2026-216:13)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-216:13 advisory. kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in...
CVE-2025-70121
An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...