CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

CVE-2026-48141

NI grpc-device contains a memory leak in BeginSidebandStream that may lead to denial of service via memory exhaustion. Affected product: NI grpc-device 2.17.0 and earlier. The provided documents do not specify an available fix or remediation; no exploitation details are provided. Monitor for upda...

CVE-2026-48141 Memory leak in NI grpc-device BeginSidebandStream

There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion. This affects NI grpc-device 2.17.0 and prior versions...

CVE-2026-48140 Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

CVE-2026-48140

NI grpc-device contains an unchecked enum cast vulnerability in BeginSidebandStream affecting version 2.17.0 and earlier. The issue allows triggering invalid enum states and undefined behavior, potentially leading to a denial of service. Exploitation requires sending a specially crafted message w...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Drivers: Ethernet: cpsw – Fixed a panic that occurs when the coalece interrupt is set using ethtool. The cpswethtoolbegin function directly returns the result of pmruntimegetsync when it is successful. pmruntimegetsync returns...

EUVD-2026-32269

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

UBUNTU-CVE-2026-45984

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

CVE-2026-45984 gfs2: Fix use-after-free in iomap inline data write path

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

PT-2026-43851

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the gfs2 iomap inline data write path. The inline data buffer head dibh is released prematurely in the gfs2 iomap begin function via release metapath,...

Astra Linux - уязвимость в haproxy

A vulnerability related to information leaks was discovered in HAProxy versions 2.1, 2.2 before 2.2.27, 2.3, and 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, and 2.7 before 2.7.1. There are 5 bytes that are not initialized in the connection buffer when encoding the FCGIBEGINREQUEST...

CVE-2026-44599

A flaw was found in Tor. This vulnerability allows a remote attacker to manipulate directory information by attempting or accepting specific BEGINDIR messages through an internal mechanism known as conflux legs. This could result in a low integrity impact, where the accuracy or trustworthiness of...

GHSA-G588-CJG3-6G78 Steamworks game clients/servers using P2P authentication vulnerable to denial of service

Processing the raw ValidateAuthTicketResponset callback data panics when the meAuthSessionResponse field is kEAuthSessionResponseAuthTicketNetworkIdentityFailure. This can lead to denial of service in game clients and servers using the beginauthenticationsession API to authenticate players if a...

openSUSE 16 Security Update : tor (openSUSE-SU-2026:20709-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20709-1 advisory. Changes in tor: - Update to 0.4.9.8 Fix out-of-bounds read boo1264341, CVE-2026-44597, TROVE-2026-011 Do not attempt or accept BEGINDIR via...

SUSE CVE-2026-44599

Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...

SUSE CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

CVE-2026-44603

A flaw was found in Tor. A remote attacker can exploit this vulnerability by sending a specially crafted malformed BEGIN cell, leading to an out-of-bounds read. This issue can result in a low impact Denial of Service DoS, making the service unavailable to legitimate users...

CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

EUVD-2026-28306

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...