1203 matches found
EUVD-2026-45654
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Validate framework notification message layout Framework notifications carry an indirect message in the shared RX buffer. Validate the reported offset and size before using them, reject zero-length payloads, and...
CVE-2026-64014
The CVE-2026-64014 issue affects the Linux kernel USB touchscreen path for NEXIO devices (nexio_read_data). It describes a vulnerability where data_len and x_len are read from a 16-bit header and used to walk packet data without proper bounds, potentially enabling a ~64 KiB out-of-bounds read pas...
EUVD-2026-44965
HTML::Bare versions through 0.04 for Perl have an unbounded character lookahead. The parsercparse function attempts to check for multicharacter strings such as "" without checking that the offsets are within the buffer. Truncated strings such as "a/" can trigger an out-of-bounds read. Note that t...
SUSE-SU-2026:3040-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270208. - CVE-2026-41677: openssl: out-of-bounds read in PEM password callback when returning an oversized length...
OESA-2026-2958 nmap security update
Nmap "Network Mapper" is a free and open source license utility for network discovery and security \ auditing. It was designed to rapidly scan large networks, but works fine against single hosts. Security Fixes: Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured...
OESA-2026-2932 libidn security update
GNU Libidn is a fully documented implementation of the Stringprep, Punycode and IDNA 2003 specifications. Libidn's purpose is to encode and decode internationalized domain names. Security Fixes: GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs...
AlmaLinux 9 : gstreamer1-plugins-ugly-free (ALSA-2026:36674)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:36674 advisory. gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser CVE-2026-53703 gstreamer1-plugins-ugly-free:...
OPENSUSE-SU-2026:21239-1 Security update for python-msgpack
This update for python-msgpack fixes the following issue - CVE-2026-57585: reusing an Unpacker instance after an error has been caught can lead to an out-of-bounds read bsc1269947...
SUSE CVE-2026-53360
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...
CVE-2026-53360
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...
CVE-2026-53138
A flaw was found in the Linux kernel's AMD display drm/amd/display driver. A malformed VBIOS image can cause unbounded processing loops, leading to an out-of-bounds read. This could result in information disclosure or a system crash...
CVE-2026-53224
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. Specifically, improper validation of embedded INIT chunk and address list lengths in SCTP cookies could allow a remote attacker to trigger out-of-bounds reads. This could lead to information disclosur...
CVE-2026-4526
In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed...
CVE-2026-47154
In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observe...
CVE-2026-47154 Simple Metering GetProfileResponse interval-bounds bug in EmberZNet v9.0.2
In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observe...
CVE-2026-4526 Global ZCL command parser missing minimum-length validation in EmberZNet v9.0.2
In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed...
CVE-2026-4526
EmberZNet v9.0.2 and earlier has a vulnerability in the global ZCL command parser due to missing minimum-length validation, which can cause out-of-bounds reads in the framework parsing logic and terminate the process. The issue requires messages to originate from a device that has already joined ...
CVE-2026-53147
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...
Astra Linux – Vulnerability in Squid
Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid was vulnerable to out-of-bound reads when handling ICP traffic. This issue allowed a remote attacker to access small amounts of memory that might contain sensitive information, by responding with...
Linux Distros Unpatched Vulnerability : CVE-2026-10645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Zephyr ext2 filesystem driver subsys/fs/ext2 trusted the on-disk directory entry fields dereclen and denamelen when walking a directory block...