SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup2 (SUSE-SU-2026:0657-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0657-1 advisory. - CVE-2025-32049: denial of Service attack to websocket server bsc1240751. - CVE-2026-2369: buff...

RockyLinux 9 : libpng (RLSA-2026:3405)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3405 advisory. libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 CVSS score: 7.8, a buffer over-read in the Graphics component. "Memory corruption when...

Important: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2025-59600 Buffer Over-read in Graphics

Memory Corruption when adding user-supplied data without checking available buffer space...

CVE-2025-59600 Buffer Over-read in Graphics

Memory Corruption when adding user-supplied data without checking available buffer space...

Linux Distros Unpatched Vulnerability : CVE-2026-28364

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase...

SUSE SLES15 Security Update : libsoup (SUSE-SU-2026:0689-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0689-1 advisory. - CVE-2025-32049: denial of Service attack to websocket server bsc1240751. - CVE-2026-2369: buffer overread due to integer underflo...

PT-2026-36802

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description An improper null termination leads to an out-of-bounds read in the mod proxy ajp module. Specifically, the ajp msg get string function fails to perform a null-termination check, which may...

lily 缓冲区错误漏洞

Lily is a programming language developed by FascinatedBox’s individual developers. Versions of Lily prior to 2.3 contained a buffer error vulnerability, which stemmed from an out-of-bounds read in the patchlineend function within the component’s Error Reporting module, located at...

OESA-2026-1449 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in SoupServer. This HTTP request smuggling vulnerability occur...

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.

...

hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()

...

SUSE CVE-2026-26271

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in freerdpimagecopyfromicondata libfreerdp/codec/color.c can be triggered by crafted RDP Window Icon TSICONINFO data. The bug is reachable over the network when a client processes icon data...

SUSE CVE-2026-27799

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride ro...

SUSE CVE-2026-28364

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...

SUSE-SU-2026:0689-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-32049: denial of Service attack to websocket server bsc1240751. - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. - CVE-2026-2443: out-of-bounds read when processing specially...

EUVD-2026-8988

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...