4028 matches found
freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface...
firefox: thunderbird: Privilege escalation in the Debugger component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Debugger component...
firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...
firefox: thunderbird: Privilege escalation in the Debugger component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Debugger component...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
CVE-2018-25282
Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import...
CVE-2026-6785
Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...
GHSA-X4MJ-7F9G-29H4 vulnerabilities
Vulnerabilities for packages: k8sgateway, external-dns, k8sgateway-fips, external-dns-fips...
CVE-2026-31683
In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...
GHSA-5JV8-H7QH-RF5P vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines...
CVE-2026-42171
NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...
CVE-2026-40886 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines...
CVE-2026-41415
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This...
CVE-2026-41677
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the frompemcallback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of...
CVE-2026-41678
rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...
CVE-2026-41681
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVPDigestFinal always writes EVPMDCTXsizectx to the out buffer. If out is smaller than that, MdCtxRef::digestfinal writes past its end, usually corrupting the stack. This is reachable from sa...
CVE-2026-31631
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce...
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...
GHSA-R65V-XGWC-G56J vulnerabilities
Vulnerabilities for packages: openbao...