3603 matches found
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: openssh: openssh-10.3p1-6.hum1 aarch64, x8664 openssh-askpass-10.3p1-6.hum1 aarch64, x8664 openssh-clients-10.3p1-6.hum1 aarch64, x8664 openssh-keycat-10.3p1-6.hum1 aarch64, x8664...
CVE-2026-56003
A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...
CVE-2026-56003
A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...
EUVD-2026-42212
A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...
CVE-2026-56003
Summary: CVE-2026-56003 describes a heap buffer overflow in libXfont2’s PCF parsing (ComputeScaledProperties) due to missing size checks, affecting libXfont2 up to version before 2.0.8. Impact per sources: authenticated X clients could trigger code execution in the X server (per NVD entry). Affec...
CVE-2026-56003 libXfont2 computeProps Property Buffer Heap Buffer Overflow
A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...
CVE-2026-56003 libXfont2 computeProps Property Buffer Heap Buffer Overflow
A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...
CVE-2026-56003
A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...
CVE-2026-56002
A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...
EUVD-2026-42211
A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...
CVE-2026-56002
The CVE-2026-56002 entry describes a heap buffer overflow in libXfont2’s PCF font parsing (pcfReadFont) due to missing glyph bounds checking, affecting libXfont2 before 2.0.8. An authenticated X client could potentially execute code in the X server. The provided metrics indicate a HIGH severity (...
CVE-2026-56002 libXfont2 PCF Font Parsing Heap Buffer Overflow
A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...
PT-2026-56391
Name of the Vulnerable Software and Affected Versions libXfont2 versions prior to 2.0.8 Description A heap buffer overflow occurs when parsing PCF files due to missing size checking in the property buffer within the ComputeScaledProperties function. Authenticated X clients can exploit this issue ...
PT-2026-56560
Name of the Vulnerable Software and Affected Versions NATS Server versions prior to 2.14.3 NATS Server versions prior to 2.12.12 Description An unauthenticated MQTT client can cause the server to consume excessive memory by sending large incomplete MQTT CONNECT packets. The server retains these...
Linux Distros Unpatched Vulnerability : CVE-2026-56003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before...
Incorrect Authorization
Overview better-auth is a The most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Incorrect Authorization in the refreshtoken grant process of the legacy oidcProvider and mcp plugins, where confidential clients are not required to...