Lucene search
K

2540 matches found

NVD
NVD
added yesterday6 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS0.00214EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added yesterday7 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00214EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00214EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 3 days ago4 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS6.7AI score0.02719EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 6:58 a.m.3 views

OPENSUSE-SU-2026:21207-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...

7.5CVSS5.9AI score0.00301EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-54898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap...

2.1CVSS6.1AI score0.00117EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 12:16 a.m.5 views

CVE-2026-54898

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

2.1CVSS0.00117EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 12:16 a.m.2 views

DEBIAN-CVE-2026-54897

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...

2.1CVSS5.7AI score0.00117EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 12:16 a.m.4 views

UBUNTU-CVE-2026-54899

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbolkeys on a reused Oj::Parser instance triggers a heap use-after-free. When symbolkeys is toggled from true to false, optsymbolkeysset frees the internal key cache cachefree but...

6.3CVSS5.7AI score0.00428EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 2:16 p.m.7 views

CVE-2026-14178

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS0.00351EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-13595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw...

6.8CVSS5.9AI score0.00112EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/29 10:3 a.m.7 views

ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted MSL Magick Scripting Language image. Processing this malicious image could trigger a...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 9:53 a.m.2 views

SUSE-SU-2026:2676-1 Security update for bind

This update for bind fixes the following issues - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. -...

9.8CVSS6.7AI score0.01844EPSS
Exploits1References11
OSV
OSV
added 2026/06/29 9:16 a.m.3 views

UBUNTU-CVE-2026-13595

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS5.7AI score0.00112EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/29 8:6 a.m.54 views

CVE-2026-13595 Util-linux: util-linux: heap use-after-free in libblkid nested partition probing

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS0.00112EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:6 a.m.7 views

CVE-2026-13595

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS5.7AI score0.00112EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 8:6 a.m.6 views

EUVD-2026-40053

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS5.7AI score0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-57436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new roo...

6.3CVSS6AI score0.00312EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-56117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows loc...

5.7CVSS6AI score0.00093EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.6 views

SUSE SLES15 Security Update : openssl-3-livepatches (SUSE-SU-2026:2662-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2662-1 advisory. This update for openssl-3-livepatches fixes the following issues - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC...

9.8CVSS7.2AI score0.47621EPSS
Exploits7References14
Rows per page
Query Builder