5779 matches found
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2026-1383)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2026-1315)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2026-1326)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2026-1341)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2026-1414)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2026-1525)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.12.1 : libpcap (EulerOS-SA-2026-1436)
According to the versions of the libpcap package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string...
EulerOS 2.0 SP12 : libpcap (EulerOS-SA-2026-1399)
According to the versions of the libpcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must ...
SUSE SLES12 Security Update : libpng15 (SUSE-SU-2026:0898-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:0898-1 advisory. - CVE-2025-64505: heap buffer over-read in 'pngdoquantize' via malformed palette index bsc1254157. Tenable has extracted the preceding description bloc...
AlmaLinux 8 : mingw-libpng (ALSA-2026:4306)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4306 advisory. libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of servi...
ImageMagick has Heap Out-of-Bounds Read in DCM Decoder (ReadDCMImage)
A heap out-of-bounds read vulnerability exists in the coders/dcm.c module. When processing DICOM files with a specific configuration, the decoder loop incorrectly reads bytes per iteration. This causes the function to read past the end of the allocated buffer, potentially leading to a Denial of...
mingw-libpng security update
An update is available for mingw-libpng. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MinGW Windows Libpng library. Security Fixes: libpng: libpng: Informatio...
EUVD-2026-11482
yauzl aka Yet Another Unzip Library version 3.2.0 for Node.js contains an off-by-one error in the NTFS extended timestamp extra field parser within the getLastModDate function. The while loop condition checks cursor data.length + 4 instead of cursor + 4 = data.length, allowing readUInt16LE to rea...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: raptor2 (UTSA-2026-006052)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006052 advisory. In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptorntriplesparseterminternal...
CVE-2026-31988
yauzl aka Yet Another Unzip Library version 3.2.0 for Node.js contains an off-by-one error in the NTFS extended timestamp extra field parser within the getLastModDate function. The while loop condition checks cursor data.length + 4 instead of cursor + 4 = data.length, allowing readUInt16LE to rea...
UBUNTU-CVE-2026-31988
yauzl aka Yet Another Unzip Library version 3.2.0 for Node.js contains an off-by-one error in the NTFS extended timestamp extra field parser within the getLastModDate function. The while loop condition checks cursor data.length + 4 instead of cursor + 4 = data.length, allowing readUInt16LE to rea...
CVE-2026-31988
yauzl aka Yet Another Unzip Library version 3.2.0 for Node.js contains an off-by-one error in the NTFS extended timestamp extra field parser within the getLastModDate function. The while loop condition checks cursor data.length + 4 instead of cursor + 4 = data.length, allowing readUInt16LE to rea...
CVE-2026-31988
yauzl aka Yet Another Unzip Library version 3.2.0 for Node.js contains an off-by-one error in the NTFS extended timestamp extra field parser within the getLastModDate function. The while loop condition checks cursor data.length + 4 instead of cursor + 4 = data.length, allowing readUInt16LE to rea...
CVE-2026-31988
Vulnerability in yauzl 3.2.0 (Node.js): an off‑by‑one bug in the NTFS extended timestamp extra field parser inside getLastModDate() allows readUInt16LE() to exceed the buffer when the loop condition is cursor < data.length + 4 instead of cursor + 4
PT-2026-24893
Name of the Vulnerable Software and Affected Versions yauzl version 3.2.0 Description yauzl, also known as Yet Another Unzip Library, version 3.2.0 for Node.js contains an off-by-one error within the getLastModDate function, specifically in the NTFS extended timestamp extra field parser. The...