14815 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-52940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb,...
PT-2026-51727
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv tvlv container list size function uses a u16 return type and accumulator. When the accumulated size of registered containers...
Linux Distros Unpatched Vulnerability : CVE-2026-52934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: tvlv: reject oversized TVLV packets batadvtvlvcontainerogmappend builds a TVLV packet section from the tvlv.containerlist. The total size of this...
The vulnerability of the ssh2_transport_read() function in the libssh2 library, which allows a hacker to execute arbitrary code.
The vulnerability of the ssh2transportread function in the libssh2 library is related to buffer overflows due to integer overflows. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using specially created SSH packets...
OPENSUSE-SU-2026:21104-1 Security update for postgresql16
This update for postgresql16 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...
OPENSUSE-SU-2026:21103-1 Security update for postgresql15
This update for postgresql15 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...
OPENSUSE-SU-2026:21102-1 Security update for postgresql14
This update for postgresql14 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed the Rx DMA data size and skboverpanic issue. The function managetrxbufcfg aligns the DMA data size of the RX buffer to be a multiple of 64. As a result, a packet slightly larger than mtu+14, for example, 1536...
Siemens RuggedCom Rox Heap-based Buffer Overflow (CVE-2022-2347)
There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the ssh2transportread function in transport.c when processing SSH packets with excessively large packetlength values. An attacker can corrupt heap memory and potentially execute arbitrary code by sending...
kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets
A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...
OPENSUSE-SU-2026:20970-1 Security update for postgresql17
This update for postgresql17 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...
SUSE-SU-2026:22149-1 Security update for postgresql17
This update for postgresql17 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...
wireshark: Heap-based Buffer Overflow in Wireshark
A flaw was found in the RDP protocol dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a heap-based buffer overflow, resulting in a denial of service or potentially in code execution...
wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark
A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service...
wireshark: Buffer Over-read in Wireshark
A flaw was found in the RF4CE Profile dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a buffer over-read, resulting in a denial of service...
DEBIAN-CVE-2026-52721
Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could...
OPENSUSE-SU-2026:20985-1 Security update for hostapd
This update for hostapd fixes the following issues: Changes in hostapd: - bsc1268083 - hostapd segmentation fault during fast restart cycles. - CVE-2025-24912: hostapd fails to process crafted RADIUS packets properly bsc1239461...
ROS-20260615-73-0041
The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...
ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation
Summary The SSH protocol parser trusted attacker-controlled length and count fields without first checking that the declared values fit within the containing packet. When a client connects to a malicious or compromised SSH server, the server can send a small, malformed packet containing an inner...