1914 matches found
CVE-2026-48090
Envoy CVE-2026-48090 affects the HTTP OAuth2 filter (envoy.filters.http.oauth2) in 1.37.0–1.37.5 and 1.38.3. A late AsyncClient completion can call OAuth2Filter methods after the downstream stream has been torn down, leading to undefined behavior, worker crashes, and use-after-free/invalid-vptr f...
CVE-2026-57236
CVE-2026-57236 affects Nokogiri (Ruby) with the CRuby/libxml2 backend. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., non-string or null byte) frees the current encoding string but does not replace it, leaving the document referencing freed memory. The next call to Do...
CVE-2026-42388
Incomplete validation of the SOA record present in a catalog zone might lead to a crash...
EUVD-2026-39358
Incomplete validation of the SOA record present in a catalog zone might lead to a crash...
CVE-2026-12245 Denial of DNS over TLS service by any DoT client
NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response...
CVE-2026-12892
A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...
CVE-2026-8358
A heap-based buffer overflow vulnerability was discovered in LibreOffice Calc's spreadsheet importer. When processing tracked changes from a spreadsheet document, the application fails to properly handle duplicate change identifiers. By reusing the same change identifier for two distinct types of...
PT-2026-51227
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description An integer overflow exists in the PSB PSD v2 RLE decoding path within the ReadPSDChannelRLE function located in coders/psd.c. On 32-bit builds, this fla...
kernel: net/sched: act_pedit: extend the writable skb range per key
A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...
GHSA-6V7P-G79W-8964 MessagePack for Python: Out-of-bounds read / crash on Unpacker reuse after a caught error
Impact If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. If the Unpacker is used repeatedly to unpack untrusted input from external sources, it may be vulnerable to a DoS attack. Patches v1.2.1 Workarounds Users should create a new Unpacker instead of...
kernel: net/sched: act_pedit: extend the writable skb range per key
A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...
Astra Linux – Vulnerability in Firefox and Thunderbird
An attacker could exploit a “use-after-free” condition when accessibility is enabled, resulting in a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...
Astra Linux – Vulnerability in bind9
The code that processes control channel messages sent to named recursively calls certain functions during packet parsing. The recursion depth is limited only by the maximum acceptable packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Ensure that traceeventfile has a ref counter. The following actions can cause the kernel to crash: cd /sys/kernel/tracing echo 'p:sched schedule' kprobeevents exec 5events/kprobes/sched/enable kprobeevents exec 5&- Th...
Astra Linux – Vulnerability in WebKit2GTK
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3, and iPadOS 18.7.3; iOS 26.2, and iPadOS 26.2; as well as macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
Astra Linux – Vulnerability in Firefox, Thunderbird
Inconsistent data in the instruction and data cache when creating Wasm code can lead to a potentially exploitable crash.This bug only affects Firefox on ARM64 platforms.. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handling of the case where pmruntimeget fails in .remove. In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returns an error early. The problem with this is tha...
Astra Linux – Vulnerability in WebKit2GTK
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, and watchOS 10.6. Processing maliciously crafted web content may lead to an...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/lima: Fix for shared interrupt handling during driver removal. lima uses a shared interrupt; therefore, the interrupt handlers must be prepared to be called at any time. During driver removal, the clocks are disabled early, a...
Astra Linux – Vulnerability in WebKit2GTK
A buffer overflow issue has been addressed through improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4, iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, and watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected process crash...