58 matches found
EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2025-1682)
According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device rema...
EulerOS 2.0 SP12 : libxkbfile (EulerOS-SA-2025-1596)
According to the versions of the libxkbfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the...
Alibaba Cloud Linux 3 : 0041: tigervnc (ALINUX3-SA-2025:0041)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0041 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-26594: A use-after-free flaw was...
RHEL 6 / 7 : php54-php (RHSA-2015:1219)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1219 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart...
Amazon Linux 2023 : xorg-x11-server-Xwayland, xorg-x11-server-Xwayland-devel (ALAS2023-2025-895)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-895 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to...
Amazon Linux 2 : xorg-x11-server (ALAS-2025-2791)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2791 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to free...
Important: xorg-x11-server-Xwayland
Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...
Important: xorg-x11-server
Issue Overview: A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. CVE-2025-26594 A buffer overflow flaw was found ...
Linux Distros Unpatched Vulnerability : CVE-2015-2806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors. CVE-2015-2806 Note...
CVE-2025-26595
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...
CVE-2025-26597
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
CVE-2025-26597 Xorg: xwayland: buffer overflow in xkbchangetypesofkey()
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
CVE-2025-26597
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...
CVE-2025-26595
CVE-2025-26595 is a buffer overflow in X.Org/Xwayland where XkbVModMaskText() uses a fixed-size stack buffer without proper bounds checking. The issue affects Xorg-x11-server-Xwayland. Advisories indicate a fix is available in newer package releases (e.g., Xwayland/Xorg servers updated to 24.1.3 ...
RHEL 6 : mariadb55-mariadb (RHSA-2014:0189)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0189 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities ...
NewStart CGSL MAIN 6.02 : brotli Vulnerability (NS-SA-2024-0059)
The remote NewStart CGSL host, running version MAIN 6.02, has brotli packages installed that are affected by a vulnerability: - A buffer overflow flaw was found in the Brotli library where an attacker could control the input length of a one-shot decompression request to a script that can trigger ...
Ubuntu: Security Advisory (USN-5054-2)
The remote host is missing an update for the...
CVE-2022-3628
A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges...
Stack-based Buffer Overflow
The Network Time Protocol (NTP) is vulnerable to Stack-based Buffer Overflow. A buffer overflow flaw was found in the ntpq diagnostic command. A malicious, remote server could send a specially-crafted reply to an ntpq request that could crash ntpq or, potentially, execute arbitrary code with the...
SUSE-SU-2019:2613-1 Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)
This update for the Linux Kernel 4.4.121-92101 fixes one issue. The following security issue was fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest...