430 matches found
CVE-2026-3055 Insufficient input validation leading to memory overread
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread...
CVE-2026-3055
CVE-2026-3055 affects Citrix NetScaler ADC/NetScaler Gateway when configured as a SAML IDP, causing a memory overread due to insufficient input validation. Affected versions per Nessus plugin: NetScaler ADC/Gateway 14.1 prior to 14.1-66.59; 13.1 prior to 13.1-62.23; and 13.1-FIPS/NDcPP prior to 1...
CVE-2026-3055
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread...
Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway
Citrix has fixed vulnerabilities in their software related to insufficient input validation and a race condition in session management. The input validation vulnerability occurs because the software does not correctly check for input sizes or limits, which can lead to memory overreads. This can...
PT-2026-27202
Name of the Vulnerable Software and Affected Versions NetScaler ADC versions prior to 14.1-60.58 NetScaler Gateway versions prior to 13.1-662.23 Description Insufficient input validation in the SAML processing module of NetScaler ADC and NetScaler Gateway, when configured as a SAML Identity...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005411)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005411 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the...
SUSE CVE-2026-25987
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory...
CVE-2026-25982
A flaw was found in ImageMagick, a software suite for image manipulation. When processing specially crafted DICOM Digital Imaging and Communications in Medicine files, a vulnerability allows the software to read beyond its intended memory boundaries. This can lead to a Denial of Service, causing...
Advisory ROSA-SA-2026-3133
Software: curl 7.61.1 OS: ROSA Virtualization 2.1 unaffected versions = curl-7.61.1-34.0.2.rv3.9 affected versions curl-7.61.1-34.0.2.rv3.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffer...
ROS-20260202-73-0026
A vulnerability in the dwc3checkeventbuf function of the Linux kernel is related to reading memory outside of the allocated buffer. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information...
ROS-20260129-73-0062
A vulnerability in the ssh-agent library ssh-agent server for the Go crypto programming language involves reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
CVE-2025-68785
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...
ALPINE-CVE-2026-22695
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function pngimagefinishread when processing interlaced 16-bit PNGs with...
PT-2026-4857
Name of the Vulnerable Software and Affected Versions Wasmtime versions prior to 36.0.5 Wasmtime versions 36.0.5 through 40.0.2 Wasmtime versions 40.0.3 through 41.0.0 Wasmtime versions 41.0.1 Description A flaw in Wasmtime's Cranelift compiler can lead to a host-level segmentation fault when...
Unity Linux 20.1070e Security Update: nginx (UTSA-2025-993314)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993314 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...
BIT-NGINX-GATEWAY-2024-7347 NGINX MP4 module vulnerability
NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and the mp4 directi...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41017)
jfs: vulnerability involves the risk of accessing memory beyond the end of ealist, which can lead to undefined behavior or crashes. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
EUVD-2018-5819
Malware in sbrugna...
EUVD-2014-9790
Malware in sbrugna...
EUVD-2015-9046
Malware in sbrugna...