93 matches found
CVE-2026-57254
There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails to perform proper type checking, ultimately causing the application to crash...
CVE-2026-57254
There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails to perform proper type checking, ultimately causing the application to crash...
CVE-2026-48985
pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, pusbisloginctllocal can cause a NULL dereference crash when parsing loginctl output. The function calls popen and reads the result; if the Remote field is only a newline, fgets succeeds...
SUSE-SU-2026:21981-1 Security update for ovmf
This update for ovmf fixes the following issues: - CVE-2026-25833: mbedtls: buffer overflow in the x509inetptonipv6 function bsc1261476. - CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello bsc1261477. - CVE-2026-25835: mbedtls: no...
dnsmasq: extract_addresses() OOB read via malformed rdlen
A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNS response processing. The extractaddresses function trusts the declared record data length rdlen without verifying that a subsequent call to extractname stays within the record boundary. A crafted DNS response with a mismatche...
Unity Linux 20.1060e / 20.1070e Security Update: openssl (UTSA-2026-017587)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017587 advisory. The OpenSSL public API function X509issuerandserialhash attempts to create a unique hash value based on the issuer and serial number data contained within an X509...
GHSA-G47V-RWMH-R9F8 eml_parser has recursion DoS via nested message/rfc822 attachments
Summary EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who can supply a badly crafted EML file with approximately 120 nested message/rfc822 parts triggers an unhandled RecursionError and aborts parsing of the...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the MakeTable in the decompression routine when bit-length values from a crafted firmware blob exceed the expected range, leading to stack memory corruption in the Count array and related decode tables. An...
OSV-2026-535 Security exception in org.htmlunit.cyberneko.HTMLTagBalancer.endElement
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499447433 Crash type: Security exception Crash state: org.htmlunit.cyberneko.HTMLTagBalancer.endElement java.base/sun.nio.cs.CESU8.updatePositions java.base/sun.nio.cs.CESU8$Encoder.encodeArrayLoop...
GHSA-8PFC-JJGW-6G26 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser
Summary The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions e.g., 2000 nested parentheses, causing a RangeError:...
RHEL 9 : rhc (RHSA-2026:4901)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4901 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...
EulerOS 2.0 SP13 : libxslt (EulerOS-SA-2026-1253)
According to the versions of the libxslt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application...
Fedora 42 : openssl (2026-9bb4c555f1)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9bb4c555f1 advisory. Don't crash on parsing PKCS12 without MAC Resolves: CVE-2025-11187 Resolves: CVE-2025-15467 Resolves: CVE-2025-69419 Tenable has extracted the...
CVE-2026-25128
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
SUSE CVE-2025-68281
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...
EUVD-2025-203739
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...
UBUNTU-CVE-2025-68281
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...
CVE-2025-68281
The CVE-2025-68281 entry concerns the Linux kernel ASoC SDCA component. The root cause is a mismatch in the sdca_control structure where the values field is declared as an integer array but memory was allocated as a char array, causing a crash in the sdca_parse_function API. A patch was applied t...
OSV-2025-983 Dynamic-stack-buffer-overflow in _ox_err_set_with_location
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=468138858 Crash type: Dynamic-stack-buffer-overflow READ 1 Crash state: oxerrsetwithlocation readelement oxparse...
Ubuntu 16.04 LTS / 18.04 LTS : Raptor vulnerabilities (USN-7869-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7869-1 advisory. Hanno Bck discovered that Raptor incorrectly handled memory operations when processing certain input files. An attacker could possibly use th...