RHEL 8 : util-linux (RHSA-2026:1852)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1852 advisory. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these...

AzeoTech DAQFactory Pro CTL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

AlmaLinux 10 : util-linux (ALSA-2026:1696)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1696 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description block...

Moderate: util-linux security update

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...

CVE-2025-47402 Buffer Over-read in WLAN Firmware

Transient DOS when processing a received frame with an excessively large authentication information element...

CVE-2026-24852 iccDEV has a heap-buffer-overflow in icXmlParseTextString()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

ROS-20260128-73-0055

Vulnerability in kernel-lt related to reading outside buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-24823 A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...

CVE-2026-24823 A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...

CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine.

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files lparser.C. This issue affects WickedEngine: through 0.71.727...

CVE-2026-24800 A heap-based buffer over-read or buffer overflow in tildearrow/furnace

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

CVE-2026-24800

CVE-2026-24800 describes an out-of-bounds write / buffer copy without size checks in the tildearrow furnace code path, specifically in extern/zlib modules’ inflate.C. The vulnerability is characterized as a heap-based overflow/over-read with high impacts to confidentiality, integrity, and availab...

CVE-2026-24799 A heap-based buffer over-read or buffer overflow in davisking/dlib

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in davisking dlib dlib/external/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9...

CVE-2026-24799

CVE-2026-24799 affects davisking/dlib (dlib/external/zlib) with an out-of-bounds write in inflate.C. Affected versions are before v19.24.9; the vulnerability is triggered via a classic buffer overflow in a local context (attack vector: local, complexity: low, privileges: low, user interaction: ac...

CVE-2026-24793 A heap-based buffer over-read or buffer overflow vulnerability in azerothcore/azerothcore-wotlk

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in azerothcore azerothcore-wotlk deps/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0...

CVE-2026-1465 A heap-based buffer over-read or buffer overflow in tildearrow/furnace

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in anyrtcIO-Community anyRTC-RTMP-OpenSource thirdparty/faad2-2.7/libfaad modules. This vulnerability is associated with program files bits.C, syntax.C. This issue affects anyRTC-RTMP-OpenSource: before 1.0...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005011 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr...

ROS-20260126-73-0041

A vulnerability in the drivers/net/ppp/pppsynctty.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data and also cause a denial of service...

ROS-20260126-73-0057

A vulnerability in the isofs component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

openSUSE 16 Security Update : libheif (openSUSE-SU-2026:20076-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20076-1 advisory. - CVE-2025-68431: heap buffer over-read in HeifPixelImage::overlay via crafted HEIF file that exercises the overlay image item path bsc1255735. Tenable...