Medium: libsoup

Issue Overview: A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read. CVE-2025-32050 A flaw was found in libsoup. A vulnerability in the sniffunknown function may lead to heap buffer over-read. CVE-2025-32052 A flaw was...

Advisory ROSA-SA-2026-3188

Software: libpng 1.6.34 OS: ROSA Virtualization 2.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv3 affected versions libpng-1.6.34-9.0.1.rv3 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read outside buffer vulnerability in LIBPNG: The pngimagereadcomposite function incorrectly...

Advisory ROSA-SA-2026-3168

Software: libpng 1.6.34 OS: ROSA Virtualization 3.0 unaffected versions = libpng-1.6.34-9.0.1.1.rv30 affected versions libpng-1.6.34-9.0.1.rv30 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrectly...

Advisory ROSA-SA-2026-3138

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 unaffected versions = curl-7.61.1-34.0.2.rv30.9 affected versions curl-7.61.1-34.0.2.rv30.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

EUVD-2026-5885

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

CLSA-2026-1771002358 libpng: Fix of CVE-2026-22801

CVE-2026-22801: fix heap buffer over-read in pngimagewrite...

CVE-2026-20846

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

CVE-2026-20846

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

GDI+ Denial of Service Vulnerability

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

PT-2026-7331

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

PT-2026-7457

The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...

MiracleLinux 8 : util-linux-2.32.1-48.el8_10 (AXSA:2026-146:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-146:02 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description blo...

openSUSE Security Advisory (SUSE-SU-2026:0377-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 8 : util-linux (RLSA-2026:1852)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1852 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description block...

RLSA-2026:1696 Moderate: util-linux security update

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...

RLSA-2026:1913 Moderate: util-linux security update

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...

ROS-20260205-73-0001

A vulnerability in the net/can/bcm.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data and also cause a denial of service...

RockyLinux 10 : util-linux (RLSA-2026:1696)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1696 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description block...

RockyLinux 9 : util-linux (RLSA-2026:1913)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1913 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description block...

SUSE-SU-2026:0377-1 Security update for libheif

This update for libheif fixes the following issues: - CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay via crafted HEIF that exercises the overlay image item bsc1255735...