Lucene search
+L

3603 matches found

RedHat Linux
RedHat Linux
added 2026/07/08 1:9 p.m.3 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: openssh: openssh-10.3p1-6.hum1 aarch64, x8664 openssh-askpass-10.3p1-6.hum1 aarch64, x8664 openssh-clients-10.3p1-6.hum1 aarch64, x8664 openssh-keycat-10.3p1-6.hum1 aarch64, x8664...

6.5CVSS5.9AI score0.00367EPSS
Exploits2References5
NVD
NVD
added 2026/07/08 10:16 a.m.9 views

CVE-2026-56003

A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...

8.8CVSS0.00643EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/08 9:25 a.m.8 views

CVE-2026-56003

A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...

8.5CVSS6.3AI score0.00643EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/08 9:25 a.m.8 views

EUVD-2026-42212

A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...

8.5CVSS6.3AI score0.00643EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 9:25 a.m.21 views

CVE-2026-56003

Summary: CVE-2026-56003 describes a heap buffer overflow in libXfont2’s PCF parsing (ComputeScaledProperties) due to missing size checks, affecting libXfont2 up to version before 2.0.8. Impact per sources: authenticated X clients could trigger code execution in the X server (per NVD entry). Affec...

8.8CVSS6.3AI score0.00643EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/08 9:25 a.m.39 views

CVE-2026-56003 libXfont2 computeProps Property Buffer Heap Buffer Overflow

A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...

8.5CVSS0.00643EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 9:25 a.m.3 views

CVE-2026-56003 libXfont2 computeProps Property Buffer Heap Buffer Overflow

A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...

8.5CVSS6.3AI score0.00643EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/07/08 9:25 a.m.9 views

CVE-2026-56003

A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...

8.8CVSS6.3AI score0.00643EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/08 9:12 a.m.7 views

CVE-2026-56002

A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...

8.5CVSS6.1AI score0.00586EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/08 9:12 a.m.7 views

EUVD-2026-42211

A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...

8.5CVSS6.1AI score0.00586EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 9:12 a.m.19 views

CVE-2026-56002

The CVE-2026-56002 entry describes a heap buffer overflow in libXfont2’s PCF font parsing (pcfReadFont) due to missing glyph bounds checking, affecting libXfont2 before 2.0.8. An authenticated X client could potentially execute code in the X server. The provided metrics indicate a HIGH severity (...

8.8CVSS6.1AI score0.00586EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/08 9:12 a.m.4 views

CVE-2026-56002 libXfont2 PCF Font Parsing Heap Buffer Overflow

A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...

8.5CVSS6.2AI score0.00586EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 4:26 a.m.7 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.8AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 4:21 a.m.4 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.8AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 4:9 a.m.10 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.6AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 4:8 a.m.13 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.6AI score0.0049EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.10 views

PT-2026-56391

Name of the Vulnerable Software and Affected Versions libXfont2 versions prior to 2.0.8 Description A heap buffer overflow occurs when parsing PCF files due to missing size checking in the property buffer within the ComputeScaledProperties function. Authenticated X clients can exploit this issue ...

8.8CVSS6.5AI score0.00643EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.6 views

PT-2026-56560

Name of the Vulnerable Software and Affected Versions NATS Server versions prior to 2.14.3 NATS Server versions prior to 2.12.12 Description An unauthenticated MQTT client can cause the server to consume excessive memory by sending large incomplete MQTT CONNECT packets. The server retains these...

7.5CVSS5.9AI score0.00732EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-56003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before...

8.8CVSS6AI score0.00643EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/07 8:11 p.m.5 views

Incorrect Authorization

Overview better-auth is a The most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Incorrect Authorization in the refreshtoken grant process of the legacy oidcProvider and mcp plugins, where confidential clients are not required to...

9.1CVSS6.1AI score0.00303EPSS
Exploits0References3
Rows per page
Query Builder