
5807 matches found

OSV
added 2026/03/06 12:43 p.m., 4 views

OESA-2026-1524 ocaml security update

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package includes runtime environment, X11 support, documentation generator and emacs. Security Fixes: In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in...

CVSS 7.9, AI score 6.5, EPSS 0.00182
Exploits: 0, References: 2

OSV
added 2026/03/06 12:43 p.m., 6 views

OESA-2026-1523 ocaml security update

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package includes runtime environment, X11 support, documentation generator and emacs. Security Fixes: In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in...

CVSS 7.9, AI score 6.5, EPSS 0.00182
Exploits: 0, References: 2

OSV
added 2026/03/06 12:43 p.m., 3 views

OESA-2026-1522 ocaml security update

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package includes runtime environment, X11 support, documentation generator and emacs. Security Fixes: In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in...

CVSS 7.9, AI score 6.5, EPSS 0.00182
Exploits: 0, References: 2

Redos
added 2026/03/06 12:0 a.m., 3 views

ROS-20260306-73-0029

A vulnerability in the software_node_get_reference_args function of the Linux operating system kernel is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to affect the confidentiality of protected information...

CVSS 7.1, AI score 6, EPSS 0.00163
Exploits: 0

SUSE Linux
added 2026/03/05 8:0 p.m., 5 views

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2025-32049: denial of service attack to websocket server (bsc#1240751). CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398). CVE-2026-1539: proxy authentication credentials leaked via the...

CVSS 8.8, AI score 6, EPSS 0.00686
Exploits: 2, References: 28

Tenable Nessus
added 2026/03/05 12:0 a.m., 11 views

Alibaba Cloud Linux 3 : 0043: php:7.4 (ALINUX3-SA-2026:0043)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0043 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-11233: In PHP versions 8.1. befor...

CVSS 9.8, AI score 6.2, EPSS 0.02286
Exploits: 10, References: 14

Tenable Nessus
added 2026/03/05 12:0 a.m., 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libpng (UTSA-2026-005396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005396 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, ther...

CVSS 7.8, AI score 6, EPSS 0.00114
Exploits: 0, References: 4

Tenable Nessus
added 2026/03/05 12:0 a.m., 4 views

MiracleLinux 9 : libpng-1.6.37-12.el9_7.2 (AXSA:2026-246:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-246:05 advisory. libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...

CVSS 8.3, AI score 6.1, EPSS 0.00905
Exploits: 2, References: 4

Tenable Nessus
added 2026/03/05 12:0 a.m., 4 views

Oracle Linux 10 : libpng (ELSA-2026-3551)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3551 advisory. - fix CVE-2026-25646: heap buffer overflow in png_set_quantize (RHEL-148323) - fix CVE-2026-22695: heap buffer over-read in png_image_finish_read (RHEL-148818)...

CVSS 8.3, AI score 7.1, EPSS 0.00905
Exploits: 2, References: 4

Tenable Nessus
added 2026/03/04 12:0 a.m., 6 views

RockyLinux 9 : libpng (RLSA-2026:3405)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3405 advisory. libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...

CVSS 8.3, AI score 6.2, EPSS 0.00905
Exploits: 2, References: 7

Tenable Nessus
added 2026/03/04 12:0 a.m., 4 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup2 (SUSE-SU-2026:0657-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0657-1 advisory. - CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751). - CVE-2026-2369: buff...

CVSS 9.1, AI score 7.3, EPSS 0.00686
Exploits: 1, References: 13

The Hacker News
added 2026/03/03 7:8 a.m., 12 views

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component. "Memory corruption when...

CVSS 9.8, AI score 7.6, EPSS 0.01068
Exploits: 4

RedHat Linux
added 2026/03/03 12:52 a.m., 4 views

Important: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 8.3, AI score 6.3, EPSS 0.00905
Exploits: 2, References: 4

RedHat Linux
added 2026/03/03 12:14 a.m., 4 views

Important: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.3, AI score 6.3, EPSS 0.00905
Exploits: 2, References: 4

Vulnrichment
added 2026/03/02 4:53 p.m., 5 views

CVE-2025-59600 Buffer Over-read in Graphics

Memory Corruption when adding user-supplied data without checking available buffer space...

CVSS 7.8, AI score 6, EPSS 0.00071
Exploits: 0, References: 1

Cvelist
added 2026/03/02 4:53 p.m., 21 views

CVE-2025-59600 Buffer Over-read in Graphics

Memory Corruption when adding user-supplied data without checking available buffer space...

CVSS 7.8, EPSS 0.00071
Exploits: 0, References: 1

Tenable Nessus
added 2026/03/02 12:0 a.m., 4 views

SUSE SLES15 Security Update : libsoup (SUSE-SU-2026:0689-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0689-1 advisory. - CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751). - CVE-2026-2369: buffer overread due to integer underflo...

CVSS 9.1, AI score 7.3, EPSS 0.00686
Exploits: 1, References: 13

Tenable Nessus
added 2026/03/02 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-28364

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase...

CVSS 7.9, AI score 6.6, EPSS 0.00182
Exploits: 0, References: 4

CNNVD
added 2026/03/01 12:0 a.m., 3 views

lily buffer error vulnerability

Lily is a programming language developed by FascinatedBox’s individual developers. Versions of Lily prior to 2.3 contained a buffer error vulnerability, which stemmed from an out-of-bounds read in the patchlineend function within the component’s Error Reporting module, located at...

CVSS 5.5, AI score 6, EPSS 0.00166
Exploits: 1, References: 7

Positive Technologies
added 2026/03/01 12:0 a.m., 4 views

PT-2026-36802

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.4.67. Description: An improper null termination leads to an out-of-bounds read in the mod_proxy_ajp module. Specifically, the ajp_msg_get_string function fails to perform a null-termination check, which may...

CVSS 9.8, AI score 5.8, EPSS 0.00663
Exploits: 1, References: 95