PT-2026-35078

Name of the Vulnerable Software and Affected Versions BACnet Stack versions prior to 1.4.3 Description An out-of-bounds read exists in the ReadPropertyMultiple service property decoder. Unauthenticated remote attackers can read past allocated buffer boundaries by sending a ReadPropertyMultiple...

CVE-2026-33999 Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014284)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014284 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to th...

Oracle Linux 10 : wireshark (ELSA-2026-9666)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9666 advisory. - Resolves: RHEL-152921 - CVE-2026-3203 Buffer Over-read - Resolves: RHEL-152912 - CVE-2026-3201 Improperly Controlled Sequential Memory Allocation -...

GHSA-XMGF-HQ76-4VX2 rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length

The frompemcallback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this...

JLSEC-2026-176

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454...

libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...

CVE-2026-5928

A flaw was found in glibc GNU C Library. When the ungetwc function is called on a file stream using wide characters with specific overlapping single-byte and multi-byte encodings, it may attempt to read data outside of its allocated buffer. This can lead to the unintentional disclosure of sensiti...

wireshark: Buffer Over-read in Wireshark

A flaw was found in the RF4CE Profile dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a buffer over-read, resulting in a denial of service...

Moderate: Red Hat Security Advisory: wireshark security update

An update for wireshark is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2026:9666 Moderate: wireshark security update

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes: wireshark: Buffer Over-read in Wireshark CVE-2026-3203 wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark CVE-2026-3201 For more...

RHEL 10 : wireshark (RHSA-2026:9666)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9666 advisory. The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006937)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006937 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr...

CVE-2026-0930

CVE-2026-0930 affects wolfSSHd on Windows and describes a potential read-out-of-bounds in the handling of a terminal resize. An authenticated user could trigger the out-of-bounds read after establishing a connection, leaking adjacent stack memory to the pseudo-console output. Public sources (NVD;...

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read via the ptpunpackEOSFocusInfoEx function. An attacker can cause a crash and potentially access sensitive memory contents by supplying specially crafted input from a malicious USB device. Remediation A fix was pushed int...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ptpunpackSonyDPD function when parsing the enumeration count from a buffer without verifying sufficient data remains. An attacker can cause information disclosure or application instability by providing a craft...

CVE-2026-40335

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackDPV in camlibs/ptp2/ptp-pack.c lines 622–629. The UINT128 and INT128 cases advance offset += 16 without verifying that 16 bytes remain in the buffer. The entry check at li...

SUSE SLED15 / SLES15 Security Update : freerdp (SUSE-SU-2026:1398-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1398-1 advisory. Security fixes: - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955:...

Security update for freerdp

This update for freerdp fixes the following issues: Security fixes: CVE-2026-26271: Buffer overread in FreeRDP icon processing bsc1258979. CVE-2026-26955: Out-of-Bounds write in ClearCodec surface command handler bsc1258982. CVE-2026-26965: Out-of-bounds write in planar bitmap RLE decompression...