2513 matches found
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892
Summary IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details...
CVE-2026-53540 Python-Multipart: Negative Content-Length in parse_form buffers the entire body in memory
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded...
ROS-20260622-73-0015
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260622-73-0028
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fixed the issue of freeing the HMB descriptor table. The HMB descriptor table is sized based on the maximum number of descriptors that can be used for a given device. However, nvmeallochostmem might break out of the loo...
Astra Linux – Vulnerability in exim4
Exim 4 before 4.94.2 has an improper restriction on write operations within the bounds of a memory buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: qat – validate the slice count returned by the firmware. The function adfsendadmintlstart enables the telemetry TL feature on a QAT device by sending the ICPQATFWTLSTART message to the firmware. This triggers the firmware...
Astra Linux – Vulnerability in Qemu
Integer overflows and buffer overflows were identified in the ACPI Error Record Serialization Table ERST device of QEMU, within the readerstrecord and writeerstrecord functions. Both issues may allow the guest to exceed the host buffer allocated for the ERST memory device. A malicious guest could...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple issues in Cryptography [CVE-2026-34073] [CVE-2026-39892]
Summary IBM Watson Speech Services Cartridge is vulnerable to Improper Certificate Validation and Improper Restriction of Operations within the Bounds of a Memory Buffer in Cryptography CVE-2026-34073 CVE-2026-39892. Cryptography is used in our speech runtimes. This vulnerabilitiy has been...
ROS-20260618-73-0007
The vulnerability of the ReadXBMImage function in the console-based ImageMagick graphics editor is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
ROS-20260618-73-0008
The vulnerability of the ReadXBMImage function in the console-based ImageMagick graphics editor is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering_Toolkits
No d...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Treck Tcp\/Ip
No d...
ROS-20260611-73-0011
The vulnerability of the cleardecompressresidualdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...
ROS-20260610-73-0033
The vulnerability in freerdp is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260610-73-0026
The vulnerability in Thunderbird is related to an operation that goes beyond the buffer boundaries in memory. Exploitation of this vulnerability can be carried out remotely...
CVE-2026-46312
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...
ROS-20260608-73-0026
The vulnerability of the Microsoft Visual Studio software development tool and the .NET software platform is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
ROS-20260605-73-0090
The vulnerability in Firefox is related to the execution of operations outside the buffer in memory. The vulnerability can be exploited remotely...
ROS-20260605-73-0089
The vulnerability in Firefox is related to the execution of operations outside the buffer in memory. The vulnerability can be exploited remotely...