12744 matches found
EUVD-2026-44685
When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...
CVE-2026-57968
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-50475
Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally...
CVE-2026-50445
Buffer over-read in Windows RDP allows an unauthorized attacker to disclose information over a network...
CVE-2026-50435
Buffer over-read in Windows Overlay Filter allows an authorized attacker to elevate privileges locally...
CVE-2026-50372
Buffer over-read in Windows Redirected Drive Buffering allows an authorized attacker to elevate privileges locally...
CVE-2026-50341
Buffer over-read in Windows NTFS allows an authorized attacker to disclose information locally...
CVE-2025-43892
A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow an authenticated remote attacker to return a portion of device memory in the redirect response via submitti...
Windows Print Spooler Information Disclosure Vulnerability
Buffer over-read in Windows Print Spooler Components allows an authorized attacker to disclose information locally...
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Denial of Service Vulnerability
Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network...
PT-2026-58423
Name of the Vulnerable Software and Affected Versions Windows RDP affected versions not specified Description A buffer over-read in Windows RDP allows an unauthorized attacker to disclose sensitive information over a network and affect the system. A buffer over-read occurs when a program reads mo...
PT-2026-58478
Name of the Vulnerable Software and Affected Versions Remote Desktop Client affected versions not specified Description A buffer over-read exists in the Remote Desktop Client, which allows an unauthorized attacker to disclose information over a network. This issue occurs when the client connects ...
Microsoft Windows Subsystem for Linux (WSL2) < 2.7.8 EoP (CVE-2026-57968) (July 2026)
The version of Microsoft Windows Subsystem for Linux WSL2 on the remote Windows host is prior to 2.7.8. It is, therefore, affected by an elevation of privilege vulnerability: - Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
OPENSUSE-SU-2026:21313-1 Security update for python-Django
This update for python-Django fixes the following issues: Changes in python-Django: - CVE-2026-48588: Potential exposure of private data via cached Set-Cookie response bsc1271029 - CVE-2026-53877: Heap buffer over-read in GDALRaster bsc1271030 - CVE-2026-53878: Header injection possibility since...
openSUSE 16: apache2 / apache2-devel / apache2-event / apache2-manual / etc (openSUSE-SU-2026:21235-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21235-1 advisory. This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XS...
Linux Distros Unpatched Vulnerability : CVE-2026-53877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed fr...
CVE-2026-10657
Zephyr's DNS resolver detects mDNS .local queries in dnsresolvenameinternal subsys/net/lib/dns/resolve.c with memcmpstrrchrquery, '.', ".local", 7, which always reads a fixed 7 bytes from the suffix pointer. When the resolved hostname's final label is shorter than 7 bytes e.g. names ending in .or...
PT-2026-55829
Name of the Vulnerable Software and Affected Versions Zephyr versions 1.10.0 through 3.7.0 Description The DNS resolver contains a flaw in the dns resolve name internal function within subsys/net/lib/dns/resolve.c when CONFIG MDNS RESOLVER is enabled. The system uses memcmp to detect mDNS .local...
Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
...