1185 matches found
CVE-2026-6068 CVE-2026-6068
NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...
PT-2026-31918
Name of the Vulnerable Software and Affected Versions NASM affected versions not specified Description A heap use after free issue exists during response file -@ processing. A dangling pointer to freed memory is stored in the global depend file and subsequently dereferenced because the...
PT-2026-31620
Name of the Vulnerable Software and Affected Versions LIBPNG versions 1.0.9 through 1.6.56 Description LIBPNG is a library used by applications to read, create, and manipulate PNG image files. A flaw exists where passing a pointer obtained from png get PLTE, png get tRNS, or png get hIST back int...
ALPINE-CVE-2026-39316
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler cupsd when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters in...
CVE-2026-39316
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler cupsd when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters in...
UBUNTU-CVE-2026-39316
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler cupsd when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters in...
CVE-2026-39316
OpenPrinting CUPS contains a use-after-free in the cupsd scheduler when deleting temporary printers. In cupsdDeleteTemporaryPrinters(), cupsdDeletePrinter() is called without expiring subscriptions that reference the printer, leaving cupsd_subscription_t.dest as a dangling pointer to freed memor...
GHSA-57CW-J6VP-2P9M OpenEXR has use after free in PyObject_StealAttrString
Summary There is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp. This bug was found with ZeroPath. Details The legacy adapter defines PyObjectStealAttrString that calls PyObjectGetAttrString to obtain a new reference, immediately decrefs it, and returns the pointer. Callers then...
SUSE CVE-2026-35094
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
Linux Distros Unpatched Vulnerability : CVE-2026-35094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. Th...
EUVD-2026-17909
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
CVE-2026-35094
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
DEBIAN-CVE-2026-35094
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
CVE-2026-35094 Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
CVE-2026-35094
Libinput vulnerability CVE-2026-35094: A dangling pointer flaw occurs in libinput’s Lua plugin handling. If an attacker can place a Lua plugin file in system directories and Lua plugins are enabled and loaded by the compositor, a garbage-collection cleanup can leave a pointer that is printed to s...
CVE-2026-35094
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
CVE-2026-35094 Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
CVE-2026-35094
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
CVE-2026-35094
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...
PT-2026-29525
Name of the Vulnerable Software and Affected Versions libinput affected versions not specified Description A flaw exists in libinput where an attacker who can deploy a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collectio...