4977 matches found
Vulnerabilities found in Juniper Networks’ Junos OS and Junos OS Evolved
Juniper has identified several vulnerabilities in Junos OS and Junos OS Evolved, specifically related to devices in the MX Series, PTX Series, QFX Series, EX Series, SRX Series, and QFX10000 Series. These vulnerabilities affect various components of Junos OS and Junos OS Evolved, including the...
CVE-2026-61857
ImageMagick prior to 7.1.2-26 contains a heap use-after-free vulnerability caused by a missing null check when parsing XMP profiles. Attackers can craft specially crafted XMP data in image files to trigger the issue, potentially causing application crashes. The CVE record and CVE list entries con...
CVE-2026-55693
Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...
Updated openvpn packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Possible 1-byte buffer overrun on NTLMv2 proxy responses. CVE-2026-11771 Memory-leak in tls-crypt-v2 client key handling that could lead to out-of-memory situations and subsequent server crashes. CVE-2026-12932 Use-after-free bug in ackwritebuf,...
CVE-2026-57258
The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...
CVE-2026-13128
Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application...
CVE-2026-13126 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability
The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing...
EUVD-2026-42190
The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...
CVE-2026-57258
The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...
Double Free
Overview Affected versions of this package are vulnerable to Double Free in the ExportToBlob function of the PLY Model Handler component. An attacker can cause memory corruption or application crashes by triggering a double free condition remotely. Remediation There is no fixed version for assimp...
PT-2026-54825
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description An integer overflow in the XCF decoder can lead to an out-of-bounds read when processing a specially crafted image, which may cause the application to...
CVE-2026-43727
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2026-43745
CVE-2026-43745 describes an out-of-bounds write issue addressed by improved input validation. The vulnerability affects Safari and related Apple platforms, with fixes in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. The issue could lead to an unexpected Safari crash when proce...
CVE-2026-58058
A flaw was found in Nmap. A remote attacker or a scanned target can send a specially crafted IPv6 response with a truncated extension header. This can lead to an integer underflow, causing out-of-bounds reads and a denial of service DoS due to a crash during raw IPv6 scans. Mitigation Mitigation...
CVE-2026-58050
A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. Mitigation To mitigate this issue,ensure your applications are running strictly on 64-bit...
OPENSUSE-SU-2026:21166-1 Security update for nano
This update for nano fixes the following issues: Changes in nano: - Update to version 9.1: When searching, the viewport is placed snug left where possible. The ability to read and write files in old Mac format a lone carriage return as line ending was removed. The ^T toggle between WhereIs and...
PT-2026-53730
Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description An out-of-bounds write issue exists where processing maliciously crafted web content may lead to an...
PT-2026-53679
Name of the Vulnerable Software and Affected Versions p11-kit affected versions not specified Description A flaw exists in the RPC message attribute parsing process. The functions p11 rpc message get attribute and p11 rpc message get attribute array value create a mutually-recursive call chain th...
CVE-2026-53307
In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...
CVE-2026-48090 Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter envoy.filters.http.oauth2 can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late...