516 matches found
CVE-2026-57260
The application opened a PDF file containing an abnormal Unity 3D object. During parsing, the application incorrectly resolved a portion of the abnormal object as a pointer and used it as a valid address, ultimately causing the application to crash...
Linux Distros Unpatched Vulnerability : CVE-2026-53307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This...
CVE-2026-53307
A flaw was found in the Linux kernel. The pinctrl: pinconf-generic subsystem does not properly validate the 'pinmux' property. An attacker could provide an empty 'pinmux' property, which would cause the system to crash due to invalid memory access. This could lead to a denial of service...
SUSE CVE-2026-53307
In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...
UBUNTU-CVE-2026-53307
In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...
CVE-2026-53307
In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...
EUVD-2026-39842
In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...
SUSE CVE-2026-53176
In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISERHEADERSLEN In drivers/infiniband/ulp/isert/ibisert.c, isertloginrecvdone computes the login request payload length as wc-bytelen minus ISERHEADERSLEN with no lower bound, and loginreql...
libxslt: use-after-free with key data stored cross-RVT
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...
Amazon Linux 2 : webkitgtk4, --advisory ALAS2-2026-3381 (ALAS-2026-3381)
The version of webkitgtk4 installed on the remote host is prior to 2.52.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3381 advisory. The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7....
CVE-2026-56210
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...
Astra Linux – Vulnerability in Samba
A flaw was discovered in Samba. Spaces used in a string surrounding a domain name DN can cause invalid DN strings with spaces to write a zero-byte into out-of-bounds memory, leading to a crash. The greatest threat of this vulnerability is to system availability...
PT-2026-50871
Name of the Vulnerable Software and Affected Versions FFmpeg affected versions not specified Description A use-after-free issue exists in the RASC video decoder. The decode move function initializes a read pointer into a decompressed buffer; however, a subsequent reallocation of that buffer durin...
CVE-2026-50643
8cc is vulnerable to an Out‑of‑Bounds Read due to improper handling of line directives and GNU linemarkers. The compiler accepts attacker-controlled filename and line number metadata and later uses it without validation when accessing source line arrays. By supplying invalid or oversized line...
CVE-2026-50643
The CVE-2026-50643 entry concerns the 8cc compiler. It describes an Out-of-Bounds Read caused by improper handling of #line directives and GNU linemarkers, where attacker-controlled filename and line-number metadata is used without validation when accessing source line arrays. This can lead to ou...
MongoDB 7.0.x < 7.0.35 / 8.0.x < 8.0.24 / 8.2.x < 8.2.10 / 8.3.x < 8.3.3 Multiple Vulnerabilities
The version of MongoDB installed on the remote host is 7.0.x prior to 7.0.35, 8.0.x prior to 8.0.24, 8.2.x prior to 8.2.10, or 8.3.x prior to 8.3.3. It is, therefore, affected by multiple vulnerabilities: - The $internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document...
CVE-2026-9753
The $internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $internalApplyOplogUpdate can be executed by any authenticated user with access to the aggregate command...
Use After Free
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2026-26241 File Station 5
A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...
NSA Ghidra 安全漏洞
NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency National Security Agency of the United States. Previous versions of NSA Ghidra, such as version 12.1, contained security vulnerabilities. These vulnerabilities stemmed from a flaw in the...