11772 matches found
RLSA-2026:25932 Important: postfix security update
The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...
RockyLinux 9 : postfix (RLSA-2026:26205)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26205 advisory. postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 Tenable has extracted the preceding description block directly from the RockyLinux...
postfix: buffer over-read via malformed enhanced status code
A flaw was found in Postfix. This issue occurs when processing enhanced status codes, specifically an enhanced status code that lacks text following the third number. Depending on the configuration of the server, this allows a remote attacker to cause a buffer over-read of only 1 byte, leading to...
Important: Red Hat Security Advisory: postfix security update
An update for postfix is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ALSA-2026:26354 Low: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c CVE-2024-34459 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
Important: Red Hat Security Advisory: postfix security update
An update for postfix is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
AlmaLinux 10 : postfix (ALSA-2026:25930)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:25930 advisory. postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 Tenable has extracted the preceding description block directly from the AlmaLinux...
RHEL 8 : postfix (RHSA-2026:25932)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25932 advisory. The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffe...
Buffer Over-read
Overview tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. Affected versions of this package are vulnerable to Buffer Over-read via the websocketmask function in the speedups component. An attacker can trigger a read past the end of the mas...
CVE-2026-45359
A flaw was found in ImageMagick. A local attacker could exploit this vulnerability by providing an invalid 'connected-components:keep-top' value during image processing. This could lead to a heap buffer over-read, potentially resulting in information disclosure or a denial of service DoS...
MGASA-2026-0192 Updated postfix packages fix security vulnerability
Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number. CVE-2026-43964...
CVE-2026-42837
Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...
EUVD-2026-35591
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-42837
CVE-2026-42837 describes a buffer over-read in the Windows Projected File System Filter Driver that allows an authenticated local attacker to elevate privileges. The affected component is the Windows Projected File System Filter Driver; root cause is a buffer over-read within the filter driver. T...
EUVD-2026-35421
A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication...
CVE-2026-11787 389-ds-base: 389-ds-base: heap buffer over-read in ldap_utf8prev() via str2simple filter parsing
A flaw was found in 389 Directory Server. The ldaputf8prev function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior...
PT-2026-47777
Name of the Vulnerable Software and Affected Versions 389 Directory Server affected versions not specified Description A flaw exists in the ldap utf8prev function where bytes are read before the start of a buffer without proper bounds checking. This leads to a heap buffer over-read during string...
CVE-2026-44185
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
UBUNTU-CVE-2026-44185
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
EUVD-2026-35099
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...