11723 matches found
CVE-2025-59609 Buffer Over-read in WLAN Host Communication
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...
httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()
A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the ajpparsedata function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...
postfix: Fix of CVE-2026-43964
makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
Linux Distros Unpatched Vulnerability : CVE-2026-45624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-45624 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...
CLSA-2026-1779298645 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...
Astra Linux - уязвимость в glusterfs
In Gluster GlusterFS 11.0, there is a stack-based buffer over-read issue in xlators/mount/fuse/src/fuse-bridge.c...
SUSE CVE-2026-6575
Buffer over-read in PostgreSQL function pgrestoreattributestats accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintainer to infer memory values past that array end. Within major version 18, minor versions before PostgreSQL...
CLSA-2026-1779095130 postfix: Fix of CVE-2026-43964
CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...
PT-2026-41776
An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation...
OESA-2026-2318 httpd security update
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to...
BIT-NGINX-2026-42934 NGINX ngx_http_charset_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disabled buffering "off" directives are configured, unauthenticated attackers can send requests that with conditions beyond the attackers' contr...
PT-2026-40925
Name of the Vulnerable Software and Affected Versions PostgreSQL versions 18.0 through 18.3 Description A buffer over-read occurs in the pg restore attribute stats function when it accepts array values of unmatched length. This causes query planning to read past the end of one array, allowing a...
Vulnerability in core server (CVE-2026-6575)
PostgreSQL pgrestoreattributestats accepts values that cause query planning to read past end of stats array Buffer over-read in PostgreSQL function pgrestoreattributestats accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table...
Linux Distros Unpatched Vulnerability : CVE-2026-6575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer over-read in PostgreSQL function pgrestoreattributestats accepts array values of unmatched length, which causes query planning to read past end of one...
CVE-2026-34336
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
PT-2026-40679
Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source affected versions not specified Description A heap buffer over-read exists in the ngx http charset module module. This occurs when the charset, source charset, charset map, and proxy...
CLSA-2026-1778614426 httpd: Fix of 9 CVEs
CVE-2026-24072: fix modrewrite apexpr privilege escalation in htaccess - CVE-2026-28780: fix modproxyajp ajpmsgcheckheader buffer over-read - CVE-2026-29169: fix moddavlock NULL pointer dereference - CVE-2026-33006: fix modauthdigest timing attack - CVE-2026-33007: fix modauthnsocache NULL...
CVE-2026-34336
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Windows DWM Core Library Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017561)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017561 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c. Tenable has extracted the preceding...