OESA-2026-2410 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

Astra Linux - уязвимость в htmldoc

A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...

BIT-JAVA-MIN-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

Linux Distros Unpatched Vulnerability : CVE-2026-5928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character...

EUVD-2026-23980

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

CVE-2026-5928 Potential buffer under-read in ungetwc

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

CVE-2026-5928

CVE-2026-5928 affects glibc’s ungetwc on FILE streams with wide characters where overlaps between single-byte and multi-byte encodings occur, in version 2.43 or earlier. A bug in the wide character pushback (_IO_wdefault_pbackfail) causes ungetwc() to operate on the regular input buffer (fp->_...

PT-2026-33852

Name of the Vulnerable Software and Affected Versions gnu C Library versions prior to 2.44 Description Calling the ungetwc function on a FILE stream with wide characters encoded in a character set with overlaps between single byte and multi-byte character encodings can lead to an attempt to read...

EulerOS Virtualization 2.12.1 : coreutils (EulerOS-SA-2026-1420)

According to the versions of the coreutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program ma...

EulerOS Virtualization 2.10.0 : glib2 (EulerOS-SA-2026-1166)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an...

MGASA-2026-0023 Updated glib2.0 packages fix security vulnerabilities

Glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with gdatetimenewfromiso8601. CVE-2025-3360 Buffer under-read on glib through glib/gfileutils.c via gettmpfile. CVE-2025-7039 Integer overflow in gescapeuristring...

Updated glib2.0 packages fix security vulnerabilities

Glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with gdatetimenewfromiso8601. CVE-2025-3360 Buffer under-read on glib through glib/gfileutils.c via gettmpfile. CVE-2025-7039 Integer overflow in gescapeuristring...

MiracleLinux 7 : ruby-2.0.0.648-36.el7 (AXSA:2019-4276:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4276:03 advisory. ruby: HTTP response splitting in WEBrick CVE-2017-17742 ruby: DoS by large request in WEBrick CVE-2018-8777 ruby: Buffer under-read in Stringunpack...

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

SUSE-SU-2025:4347-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055...

SUSE-SU-2025:21201-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2025-7039: Fixed Buffer Under-read in gfileutils.c bsc1249055...

SUSE SLES12 Security Update : glib2 (SUSE-SU-2025:4278-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4278-1 advisory. - CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Tenable has extracted the preceding description...