19398 matches found
EUVD-2026-44684
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...
EUVD-2026-44685
When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...
CVE-2026-24272
NVIDIA TensorRT contains a vulnerability where an attacker might cause an overflow to a heap-based buffer. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24268
NVIDIA TensorRT contains a vulnerability where an attacker might cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-57090
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network...
CVE-2026-56189
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code locally...
CVE-2026-50330
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-54993
CVE-2026-54993 describes a heap-based buffer overflow in Microsoft Windows Media Foundation that could allow a local attacker to execute code on a vulnerable system. The public descriptions in the provided documents identify the affected component as Windows Media Foundation, with the vulnerabili...
Windows Media Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally...
PT-2026-58165
Name of the Vulnerable Software and Affected Versions Windows Resilient File System ReFS affected versions not specified Description A heap-based buffer overflow exists in the Windows Resilient File System ReFS. This issue allows an authenticated attacker with local access to execute arbitrary co...
RockyLinux 9 : xorg-x11-server (RLSA-2026:38486)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:38486 advisory. xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow CVE-2026-55999 Tenable has extracted the preceding description block directly from the RockyLin...
Security Updates for Microsoft Word Products (July 2026)
The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-55032, CVE-2026-55128 - Stack-based buffer overflow in Microsoft Office...
KB5099445: Windows Server 2012 Security Update (July 2026)
The remote Windows host is missing security update 5099445. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows Message Queuing...
CVE-2026-40468
The CVE-2026-40468 entry concerns gawk (versions 5.4.0 and earlier) with an integer overflow in the builtin.c file. The flaw can cause memory exhaustion and may enable overwriting heap metadata and objects with attacker-controlled bytes. This is described across multiple feeds (NVD/NIST entry and...
SUSE SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2026:2844-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2844-1 advisory. This update for gstreamer-plugins-good fixes the following issue - CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer...
SUSE SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2026:2842-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2842-1 advisory. This update for gstreamer-plugins-good fixes the following issue - CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer...
CVE-2026-56372
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service...
CVE-2026-54000
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, on Windows, a local unprivileged attacker can cause a heap buffer out-of-bounds write if there is a query of the processes table targeting a maliciously crafted process, due to uncheck...
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...
MiracleLinux 8 : gstreamer1-plugins-good-1.16.1-7.el8_10 (AXSA:2026-1245:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-1245:01 advisory. gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow CVE-2026-53705 Tenable has extracted the preceding descripti...