1001 matches found
CVE-2026-6477
A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...
microtar security vulnerabilities
microtar is a lightweight ANSI C language tar library developed by rxi’s individual developers. Versions of microtar 0.1.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the rawtoheader function using strcpy to copy fields in the ustar format that are not empty...
UBUNTU-CVE-2026-46173
In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...
CVE-2026-46173
In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...
PT-2026-44296
In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASK DEAD task When an already-exiting task oopses, make task dead currently calls do task dead with preemption enabled. That is forbidden: do task dead calls schedule, which has a comment sayi...
CVE-2026-39461
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
CVE-2026-39461 select(2) file descriptor set overflow causes stack overflow
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
CVE-2026-39461
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
EUVD-2026-31258
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
FreeBSD 安全漏洞
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the lack of verification that the socket descriptors are within the FDSETSIZE limit, potentially leading to stack corruption. If the target application runs...
FreeBSD : FreeBSD -- select(2) file descriptor set overflow causes stack overflow (90fe1784-54b6-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 90fe1784-54b6-11f1-8d7a-bc241121aa0a advisory. libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fixed stack handling in idlekvmstartguest In commit 10d91611f426 “powerpc/64s: Reimplemented the book3s idle code in C”, kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size. The plparhcall, plparhcall9, and related functions expect callers to provide valid result buffers of a certain minimum size. Currently, this is communicated only...
CVE-2026-45232
Rsync
FreeBSD-SA-26:22.libcasper
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:22.libcasper Security Advisory The FreeBSD Project Topic: select2 file descriptor set overflow causes stack overflow Category: core Module: libcasper...
Astra Linux - уязвимость в chromium
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean the remainder of t...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: gadgetfs: epio - wait until IRQ finishes after usbepqueue if waitforcompletioninterruptible is interrupted we need to wait until IRQ gets finished. Otherwise complete from epiocomplete can corrupt stack...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: libbpf: Use of the OPTSSET macro in bpfxdpquery When the featureFlags and xdpzcmaxsegs fields were added to the libbpf bpfxdpQueryOpts structure, the code that wrote these fields did not use the OPTSSET macro. This causes libbpf ...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn, each ACL points to a...