2284 matches found
CVE-2026-61857
A flaw was found in ImageMagick. This vulnerability allows a remote attacker to cause the application to crash. The issue stems from improper handling of XMP Extensible Metadata Platform profiles within image files. By crafting a malicious image with specially designed XMP data, an attacker can...
Linux Distros Unpatched Vulnerability : CVE-2026-56297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcmanchannelclose and dvcmancallonreceive due to improper synchronization of channelcallback...
CVE-2026-56000
Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...
CVE-2026-56000
Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...
CVE-2026-56000
Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...
PT-2026-56335
Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 21.2.24 xwayland versions prior to 24.1.13 Description Local attackers with an X connection can cause a Heap Use After Free, a condition where the system continues to use a memory address after it has been freed,...
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...
OPENSUSE-SU-2026:21207-1 Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...
Linux Distros Unpatched Vulnerability : CVE-2026-54898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap...
CVE-2026-54898
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...
DEBIAN-CVE-2026-54897
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...
UBUNTU-CVE-2026-54899
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbolkeys on a reused Oj::Parser instance triggers a heap use-after-free. When symbolkeys is toggled from true to false, optsymbolkeysset frees the internal key cache cachefree but...
Linux Distros Unpatched Vulnerability : CVE-2026-13595
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw...
ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free
A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted MSL Magick Scripting Language image. Processing this malicious image could trigger a...
SUSE-SU-2026:2676-1 Security update for bind
This update for bind fixes the following issues - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. -...
UBUNTU-CVE-2026-13595
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
CVE-2026-13595
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
EUVD-2026-40053
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
CVE-2026-13595 Util-linux: util-linux: heap use-after-free in libblkid nested partition probing
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
Linux Distros Unpatched Vulnerability : CVE-2026-57436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new roo...