RHEL 10 : php8.4 (RHSA-2026:22649)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22649 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also...

CVE-2026-5772

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

CVE-2025-59609 Buffer Over-read in WLAN Host Communication

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the ajpparsedata function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...

postfix: Fix of CVE-2026-43964

makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...

Linux Distros Unpatched Vulnerability : CVE-2026-45624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-45624 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...

CLSA-2026-1779298645 postfix: Fix of CVE-2026-43964

CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...

Astra Linux - уязвимость в glusterfs

In Gluster GlusterFS 11.0, there is a stack-based buffer over-read issue in xlators/mount/fuse/src/fuse-bridge.c...

Astra Linux - уязвимость в mbedtls

A issue was discovered in Arm Mbed TLS before version 2.24.0. The function mbedtlsx509crlparseder has a buffer over-read of one byte...

SUSE CVE-2026-6575

Buffer over-read in PostgreSQL function pgrestoreattributestats accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintainer to infer memory values past that array end. Within major version 18, minor versions before PostgreSQL...

CLSA-2026-1779095130 postfix: Fix of CVE-2026-43964

CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...

PT-2026-41776

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An invalid connected-components:keep-top value can lead to a heap buffer over-read during the connected components operation. A heap buffer over-read occurs when...

OESA-2026-2318 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to...

BIT-NGINX-2026-42934 NGINX ngx_http_charset_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...

PT-2026-40925

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 18.0 through 18.3 Description A buffer over-read occurs in the pg restore attribute stats function when it accepts array values of unmatched length. This causes query planning to read past the end of one array, allowing a...

Vulnerability in core server (CVE-2026-6575)

PostgreSQL pgrestoreattributestats accepts values that cause query planning to read past end of stats array Buffer over-read in PostgreSQL function pgrestoreattributestats accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table...

Linux Distros Unpatched Vulnerability : CVE-2026-6575

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer over-read in PostgreSQL function pgrestoreattributestats accepts array values of unmatched length, which causes query planning to read past end of one...

CVE-2026-34336

Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

PT-2026-40679

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source affected versions not specified Description A heap buffer over-read exists in the ngx http charset module module. This occurs when the charset, source charset, charset map, and proxy...

CLSA-2026-1778614426 httpd: Fix of 9 CVEs

CVE-2026-24072: fix modrewrite apexpr privilege escalation in htaccess - CVE-2026-28780: fix modproxyajp ajpmsgcheckheader buffer over-read - CVE-2026-29169: fix moddavlock NULL pointer dereference - CVE-2026-33006: fix modauthdigest timing attack - CVE-2026-33007: fix modauthnsocache NULL...