SUSE-SU-2026:20127-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525. - CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in pngimagewrite bsc1256526...

OPENSUSE-SU-2026:20083-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525. - CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in pngimagewrite bsc1256526...

ROS-20260122-73-0032

Vulnerability in ImageMagick7 related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

Azure Linux 3.0 Security Update: glusterfs (CVE-2023-26253)

The version of glusterfs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-26253 advisory. - In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer...

CVE-2026-22801

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...

SUSE-SU-2026:0192-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525...

Security update for libpng16

This update for libpng16 fixes the following issues: CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

ROS-20260121-73-0026

A vulnerability in the drivers/ntb/hw/mscc/ntbhwswitchtec.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

Buffer Over-read

Overview trustwallet/wallet-core is a mobile-focused library implementing low-level cryptographic wallet functionality for a high number of blockchains Affected versions of this package are vulnerable to Buffer Over-read via the verify function. An attacker can cause the application to crash or...

Buffer Over-read

Overview @trustwallet/wallet-core is a mobile-focused library implementing low-level cryptographic wallet functionality for a high number of blockchains Affected versions of this package are vulnerable to Buffer Over-read via the verify function. An attacker can cause the application to crash or...

MiracleLinux 8 : pcre-8.42-6.el8 (AXSA:2021-2716:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2716:01 advisory. pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 CVE-2019-20838 pcre: Integer overflow when parsi...

MiracleLinux 9 : squid-5.5-6.el9_3.5 (AXSA:2024-7340:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7340:01 advisory. squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

ROS-20260120-7334

A vulnerability in the net/8021q/vlan.c module of the Linux operating system kernel is related to reading outside buffer boundaries in memory as a result of incorrect resource initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 8 : qt5-qtbase-5.15.3-5.el8 (AXSA:2023-7239:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7239:02 advisory. qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused by flaw ...

MiracleLinux 8 : libsndfile-1.0.28-10.el8 (AXSA:2020-305:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-305:02 advisory. libsndfile: stack-based buffer overflow in sndfile-deinterleave utility CVE-2018-13139 libsndfile: buffer over-read in the function i2alawarray in...

MiracleLinux 9 : ruby:3.1 (AXSA:2024-8490:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8490:01 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memo...

MiracleLinux 9 : dbus-broker-28-5.1.el9 (AXSA:2022-4072:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4072:01 advisory. dbus-broker: a stack buffer over-read if a malicious Exec line is supplied CVE-2022-31212 dbus-broker: null pointer reference when supplying a...