5875 matches found
libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c
A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...
Low: Red Hat Security Advisory: libxml2 security update
An update for libxml2 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
Low: Red Hat Security Advisory: libxml2 security update
An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
Low: Red Hat Security Advisory: libxml2 security update
An update for libxml2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
CVE-2026-58013 Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes ...
CVE-2026-58013
A flaw was found in GLib. A buffer over-read can occur in g_io_channel_read_line_backend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes ...
CVE-2026-58013
GLib contains a buffer over-read in g_io_channel_read_line_backend() within giochannel.c when a custom line terminator longer than one is used. This causes memcmp to read past the GString buffer, enabling a minor information disclosure of 7 bytes or a denial of service if the over-read crosses a ...
EUVD-2026-40314
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the G_REGEX_RAW compile flag and case-change replacement escapes because the string_append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...
CVE-2026-58012
GLib flaw CVE-2026-58012: buffer over-read in g_regex_replace() when using G_REGEX_RAW with case-change escapes. The string_append() path processes matched substrings via UTF-8 functions even for raw bytes, enabling a minor information disclosure of 1–5 bytes and potential DoS if the over-read cr...
CVE-2026-58012 Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the G_REGEX_RAW compile flag and case-change replacement escapes because the string_append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...
CVE-2026-58012
A flaw was found in GLib. A buffer over-read can occur in the g_regex_replace function when used with the G_REGEX_RAW compile flag and case-change replacement escapes because the string_append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...
CVE-2026-53023
A flaw was found in the Linux kernel's NTFS3 file system driver. The ntfs_fill_super function, responsible for loading the volume label, did not properly null-terminate the converted UTF-8 label. This oversight could allow the ntfs3_label_show function to read beyond the allocated buffer when...
CVE-2026-53149
A flaw was found in the Linux kernel's Thunderbolt driver. The tb_property_parse_dir function, responsible for parsing root directory content, does not properly validate the size of the content against the allocated block size. This oversight allows the system to read beyond the intended memory...
ROS-20260626-73-0010
A vulnerability in Mozilla Firefox, Firefox ESR, and the Thunderbird email client involves reading data beyond a buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2026-6094
CVE-2026-6094: Heap buffer overread in wolfSSL wc_PKCS7_DecodeEnvelopedData during parsing of crafted PKCS7 EnvelopedData. Attack via attacker-supplied data in S/MIME or CMS is possible. Documented impact includes potential confidentiality and availability effects; exploitation status and patch d...
EUVD-2026-39340
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs. Why & How: dp_sdp_message_debugfs_write dereferences connector->base.state->crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...