2218 matches found
ROS-20260615-73-0043
The vulnerabilities of the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA in the FreeRDP client are related to a memory reclamation error. Exploiting these vulnerabilities could allow an attacker to compromise the accessibility of protected information...
OESA-2026-2613 catdoc security update
catdoc is program which reads one or more Microsoft word files and outputs text, contained insinde them to standard output. Therefore it does same work for.doc files, as unix cat command for plain ASCII files. It is now accompanied by xls2csv - program which converts Excel spreadsheet into...
ROS-20260611-73-0028
The vulnerability of the ecamencodercompressh264 function in the FreeRDP remote desktop protocol is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data or cause service failures...
ROS-20260611-73-0026
The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2026-49948
Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global LLM provider and embedder configuration but only verifies authentication via JWT or X-API-Key without validati...
EUVD-2026-36012
Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rustdemangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary analys...
ROS-20260610-73-0023
The vulnerability in Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260610-73-0048
The vulnerability of the irpthreadfunc function in the RDP client of FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...
ROS-20260609-73-0012
The vulnerability of the ngxhttpscgimodule and ngxhttpuwsgimodule modules in NGINX Plus and NGINX Open Source web servers is related to uncontrolled memory consumption. Exploiting this vulnerability can allow a malicious actor to perform a “man-in-the-middle” attack remotely...
Important: nvidia-imex
Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...
Important: nvidia-xconfig
Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...
CVE-2026-0857
Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020...
ROS-20260605-73-0074
The vulnerability in Firefox is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260605-73-0060
The vulnerability of the Layout component: Texts and fonts in Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...
CVE-2026-26825
A flaw was found in libxls. This use-of-uninitialized memory vulnerability occurs when the software processes specially crafted XLS files. An attacker could exploit this by providing a malformed XLS file, which may lead to undefined behavior, incorrect parsing logic, or potential information...
DEBIAN-CVE-2026-26825
A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...
Security Bulletin: Oracle Outside In Technology (OIT) v8.5.7 BP9, v8.5.8 BP2 vulnerabilities CVE-2025-54874 (vulnerable), CVE-2025-59375 (vulnerable) in FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing
Summary Oracle Outside In Technology OIT v8.5.7 BP9, v8.5.8 BP2 January, 2025 vulnerabilities CVE-2025-54874 vulnerable, CVE-2025-59375 vulnerable in FileNet Content Manager FNCM Content Based Retrieval CBR content indexing Vulnerability Details CVEID:CVE-2025-54874 DESCRIPTION: OpenJPEG is an...
CVE-2026-26824
libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table MSAT in readMSAT is not fully initialized before being consumed by ole2validatesectorchain, which may result in application crashe...
EUVD-2026-34178
libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table MSAT in readMSAT is not fully initialized before being consumed by ole2validatesectorchain, which may result in application crashe...
PT-2026-46057
Name of the Vulnerable Software and Affected Versions libxls versions prior to 1.6.4 Description The OLE container parser contains an issue where memory allocated for the Master Sector Allocation Table MSAT in the read MSAT function is not fully initialized before being used by the ole2 validate...