PT-2026-27582

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote user may be able to cause unexpected system termination or corrupt kernel memory...

PT-2026-27595

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service...

Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2023-53781: smc: Fix use-after-free in tcpwritetimerhandl...

PT-2026-27567

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sequoia 15.7.5 macOS versions prior to Sonoma 14.8.5 macOS versions prior to Tahoe 26.4 Description An out-of-bounds read issue existed due to insufficient bounds checking. This could allow an application to disclose...

PT-2026-27543

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.7 iPadOS versions prior to 18.7.7 macOS Sequoia versions prior to 15.7.5 macOS Sonoma versions prior to 14.8.5 macOS Tahoe versions prior to 26.4 tvOS versions prior to 26.4 visionOS versions prior to 26.4 watchOS...

PT-2026-27561

Name of the Vulnerable Software and Affected Versions macOS versions prior to 15.7.5 macOS versions prior to 14.8.5 macOS versions prior to 26.4 Description An issue involving an out-of-bounds write was identified and addressed through improved bounds checking. This flaw could potentially allow a...

About the security content of visionOS 26.4

About the security content of visionOS 26.4 This document describes the security content of visionOS 26.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

MantisBT < 2.28.1 SOAP API Authentication Bypass (GHSA-phrq-pc6r-f6gh)

The version of MantisBT installed on the remote host is prior to 2.28.1. It is, therefore, affected by a vulnerability: - An authentication bypass vulnerability exists in the SOAP API due to improper type checking on the password parameter when running on MySQL family databases. Using a crafted...

PT-2026-27606

Name of the Vulnerable Software and Affected Versions Xcode versions prior to 26.4 Description An out-of-bounds read issue was identified and addressed through improved bounds checking. This flaw could allow an application to trigger unexpected system termination. Recommendations Update to Xcode...

GHSA-PHRQ-PC6R-F6GH MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL

Mantis Bug Tracker instances running on MySQL and compatible databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of improper type checking on the password parameter. Other database backends are not affected, as they do not perform implicit type conversion...

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

CLSA-2026-1774017701 postgresql: Fix of CVE-2026-2006

CVE-2026-2006: fix missing validation of multibyte character length in text manipulation; add proper length checks and bounds validation; prevent crafted queries from triggering buffer overrun and enabling arbitrary code execution...

WordPress plugin Download Manager 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. The WordPress plugin Download Manager information disclosure vulnerability, which stems from a...

VulnCheck KEV: CVE-2025-43510

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpect...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : libssh vulnerability (USN-8093-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8093-1 advisory. It was discovered that libssh incorrectly performed bounds checking when processing SFTP extensions. If a...

USN-8093-1 libssh vulnerability

It was discovered that libssh incorrectly performed bounds checking when processing SFTP extensions. If a client application queried extension data out of bounds, it could cause the application to crash, resulting in a denial of service, or exhibit unintended behavior...

Delta Electronics COMMGR2 Stack Buffer Overflow Vulnerability

Delta Electronics COMMGR2 is an automation equipment communication management software from Delta Electronics China. Delta Electronics COMMGR2 suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking. An attacker could exploit this vulnerability to execute...

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

VulnEye---Lightweight-Vulnerability-Scanner

VulnEye - Lightweight Vulnerability Scanner VulnEye is a modu...

ImageMagick: Heap overflow in pcd decoder leads to out of bounds read.

The pcd coder lacks proper boundary checking when processing Huffman-coded data. The decoder contains an function that has an incorrect initialization that could cause an out of bounds read. ==3900053==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x502000003c6c at pc 0x55601b9cc552 bp...