11767 matches found
SUSE-SU-2026:20121-1 Security update for libheif
This update for libheif fixes the following issues: - CVE-2025-68431: heap buffer over-read in HeifPixelImage::overlay via crafted HEIF file that exercises the overlay image item path bsc1255735...
CVE-2025-66692
A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-66692
A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...
PT-2026-3650
A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-66692
A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...
MiracleLinux 9 : squid-5.2-1.el9.2 (AXSA:2022-4089:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4089:04 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...
CVE-2025-66692
CVE-2025-66692 affects Binance - Trust Wallet Core. A buffer over-read in PublicKey::verify() prior to commit 5668c67 enables DoS via crafted input. Affected: Trust Wallet Core library; root cause: buffer over-read in verify(). Remediation: upgrade wallet-core to 4.4.0+ (e.g., 4.4.0 or newer). Ex...
MiracleLinux 7 : python-pillow-2.0.0-23.gitd1c6db8.el7 (AXSA:2022-3076:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3076:01 advisory. python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions CVE-2022-22817 python-pillow: buffer over-read during initialization of...
MiracleLinux 7 : squid-3.5.20-17.el7.10 (AXSA:2024-7673:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7673:03 advisory. squid: denial of service in HTTP header parser CVE-2024-25617 squid: denial of service in HTTP request parsing CVE-2023-50269 squid: Buffer over-rea...
MiracleLinux 7 : libsndfile-1.0.25-12.el7 (AXSA:2020-582:03)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-582:03 advisory. CVE-2018-19662 An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alawarray in alaw.c that will lead to a denial of...
MiracleLinux 8 : squid:4 (AXSA:2022-3877:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3877:01 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 4 : httpd24-httpd-2.4.25-9.AXS4.1 (AXSA:2017-2175:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2175:02 advisory. It was discovered that the httpd's modauthdigest module did not properly initialize memory before using it when processing certain headers related t...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000899)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000899 advisory. The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service buffer...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004237)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004237 advisory. A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module,...
MiracleLinux 4 : freetype-2.3.11-19.AXS4 (AXSA:2019-4408:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4408:01 advisory. freetype: a heap-based buffer over-read in T1GetPrivateDict in type1/t1parse.c leading to information disclosure CVE-2015-9381 freetype: mishandling...
CVE-2025-60003
A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...
CVE-2025-60003 Junos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd crash
A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...
CVE-2025-60003
CVE-2025-60003 affects Juniper Networks Junos OS and Junos OS Evolved. A Buffer Over-read in the routing protocol daemon (rpd) can be triggered by a BGP update containing specific optional transitive attributes when peers are not 4-byte-AS capable, causing the rpd process to crash and the device ...
CVE-2025-60003 Junos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd crash
A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...
EUVD-2026-2712
A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...