2221 matches found
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2026-10699
Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
PT-2026-56453
Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
Use of Uninitialized Resource
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
CVE-2026-24266
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...
DEBIAN-CVE-2026-53916
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...
CVE-2026-12610
A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...
PYSEC-2026-549 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation
Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...
CVE-2026-13511
CVE-2026-13511 affects VoltAgent up to 2.1.17, specifically the Memory REST APIās memory.handlers.ts function handleGetMemoryConversation. The issue arises from manipulating the argument conversationId, leading to improper authorization. Exploitation is described as possible from remote, with hig...
GHSA-XV9W-7V6Q-HPJH fluent-plugin-s3 Vulnerable to Denial of Service (DoS) via Decompression Bomb in `in_s3`
The fluent-plugin-s3 plugin specifically the ins3 input plugin supports reading and decompressing heavily compressed files such as gzip, lzma2, and lzop from Amazon S3. It was discovered that the plugin read the entire decompressed payload into memory at once without enforcing a strict size limit...
CVE-2026-53247
A flaw was found in the Linux kernel's ethernet driver for MediaTek mtkethsoc network devices. This vulnerability, a 'use-after-free', occurs when the system attempts to free a memory region while it is still being used by network packet processing. This can allow a local attacker to trigger syst...
libpng: libpng: Arbitrary code execution due to use-after-free vulnerability
A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...
mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase
A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...
ROS-20260622-73-0011
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Amazon Linux 2 : webkitgtk4, --advisory ALAS2-2026-3381 (ALAS-2026-3381)
The version of webkitgtk4 installed on the remote host is prior to 2.52.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3381 advisory. The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7....
ROS-20260617-73-0006
The vulnerability in ImageMagick 7 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
USN-8432-1 freerdp2, freerdp3 vulnerabilities
It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to an out-of-bounds heap write. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-45700 In addition, this update fixes a regression...
ROS-20260616-73-0022
The vulnerability in ImageMagick is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
Chromium: CVE-2026-12007 Use after freeĀ Core
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
ROS-20260615-73-0043
The vulnerabilities of the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA in the FreeRDP client are related to a memory reclamation error. Exploiting these vulnerabilities could allow an attacker to compromise the accessibility of protected information...