PT-2026-21018

Name of the Vulnerable Software and Affected Versions Silicon Labs Secure NCP versions affected versions not specified Description An integer underflow in the Silicon Labs Secure NCP host implementation can lead to a buffer overread when processing a crafted packet. Recommendations At the moment,...

ROS-20260220-73-0003

A vulnerability in the ath9khtcswba function of the wifi component of the Linux operating system kernel is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260220-73-0018

A vulnerability in the lan743xptpioeventclockget function of the net component of the Linux operating system kernel is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

PT-2026-40155

Name of the Vulnerable Software and Affected Versions Windows DWM Core Library affected versions not specified Description A buffer over-read in the Windows DWM Core Library allows an authorized attacker to disclose sensitive information locally. Recommendations At the moment, there is no...

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2026-1439)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1439 advisory. A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read. CVE-2025-32050 A flaw was found in libsoup. A vulnerability in...

Medium: libsoup

Issue Overview: A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read. CVE-2025-32050 A flaw was found in libsoup. A vulnerability in the sniffunknown function may lead to heap buffer over-read. CVE-2025-32052 A flaw was...

Advisory ROSA-SA-2026-3188

Software: libpng 1.6.34 OS: ROSA Virtualization 2.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv3 affected versions libpng-1.6.34-9.0.1.rv3 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read outside buffer vulnerability in LIBPNG: The pngimagereadcomposite function incorrectly...

Advisory ROSA-SA-2026-3168

Software: libpng 1.6.34 OS: ROSA Virtualization 3.0 unaffected versions = libpng-1.6.34-9.0.1.1.rv30 affected versions libpng-1.6.34-9.0.1.rv30 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrectly...

Advisory ROSA-SA-2026-3138

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 unaffected versions = curl-7.61.1-34.0.2.rv30.9 affected versions curl-7.61.1-34.0.2.rv30.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

EUVD-2026-5885

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

CLSA-2026-1771002358 libpng: Fix of CVE-2026-22801

CVE-2026-22801: fix heap buffer over-read in pngimagewrite...

CVE-2026-20846

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

CVE-2026-20846

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

GDI+ Denial of Service Vulnerability

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

PT-2026-7457

The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...

PT-2026-7331

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network...

openSUSE Security Advisory (SUSE-SU-2026:0377-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 8 : util-linux-2.32.1-48.el8_10 (AXSA:2026-146:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-146:02 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description blo...

RockyLinux 8 : util-linux (RLSA-2026:1852)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1852 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames CVE-2025-14104 Tenable has extracted the preceding description block...

RLSA-2026:1696 Moderate: util-linux security update

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...