The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2026-24266
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...
DEBIAN-CVE-2026-53916
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...
CVE-2026-12610
A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...
PYSEC-2026-549 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation
Impact: Attackers using TensorFlow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c->Dim(input,axis) goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...
CVE-2026-13511
CVE-2026-13511 affects VoltAgent up to 2.1.17, specifically the Memory REST API’s memory.handlers.ts function handleGetMemoryConversation. The issue arises from manipulating the argument conversationId, leading to improper authorization. Exploitation is described as possible from remote, with hig...
CVE-2026-53247
A flaw was found in the Linux kernel's ethernet driver for MediaTek (mtk_eth_soc) network devices. This vulnerability, a 'use-after-free', occurs when the system attempts to free a memory region while it is still being used by network packet processing. This can allow a local attacker to trigger syst...
libpng: libpng: Arbitrary code execution due to use-after-free vulnerability
A flaw was found in libpng, a library used for processing PNG (Portable Network Graphics) image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...
mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase
A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service (DoS). The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...
ROS-20260622-73-0011
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Amazon Linux 2 : webkitgtk4, --advisory ALAS2-2026-3381 (ALAS-2026-3381)
The version of webkitgtk4 installed on the remote host is prior to 2.52.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3381 advisory. The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7....
Astra Linux – Vulnerability in virglrenderer
A double-free vulnerability exists in the vrend_renderer.c file within virglrenderer up to version 0.8.1. Attackers can exploit this vulnerability to cause a denial of service by triggering texture allocation failures. The reason is that vrend_renderer_resource_allocated_texture is not an appropriate...
Astra Linux – Vulnerability in binutils
A vulnerability was discovered in the binutils libbfd.c 2.36 code, related to auxiliary symbol data. Attackers can use this vulnerability to read from or write to system memory, or cause a denial of service...
ROS-20260617-73-0006
The vulnerability in ImageMagick 7 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
USN-8432-1 freerdp2, freerdp3 vulnerabilities
It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to an out-of-bounds heap write. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-45700) In addition, this update fixes a regression...
ROS-20260616-73-0022
The vulnerability in ImageMagick is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
Chromium: CVE-2026-12007 Use after free Core
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
ROS-20260615-73-0010
The vulnerability of the RDP client FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
ROS-20260615-73-0029
The vulnerability of the xf_clipboard_format_equal function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
ROS-20260615-73-0043
The vulnerabilities of the functions kerberos_AcceptSecurityContext and kerberos_InitializeSecurityContextA in the FreeRDP client are related to a memory reclamation error. Exploiting these vulnerabilities could allow an attacker to compromise the accessibility of protected information...