RLSA-2026:1696 Moderate: util-linux security update
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...
RLSA-2026:1913 Moderate: util-linux security update
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...
ROS-20260205-73-0001
A vulnerability in the net/can/bcm.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data and also cause a denial of service...
RockyLinux 10 : util-linux (RLSA-2026:1696)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1696 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames (CVE-2025-14104). Tenable has extracted the preceding description block...
RockyLinux 9 : util-linux (RLSA-2026:1913)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1913 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames (CVE-2025-14104). Tenable has extracted the preceding description block...
SUSE-SU-2026:0377-1 Security update for libheif
This update for libheif fixes the following issues: - CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay via crafted HEIF that exercises the overlay image item bsc1255735...
RHEL 8 : util-linux (RHSA-2026:1852)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1852 advisory. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these...
AzeoTech DAQFactory Pro CTL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
AlmaLinux 10 : util-linux (ALSA-2026:1696)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1696 advisory. util-linux: util-linux: Heap buffer overread in setpwnam when processing 256-byte usernames (CVE-2025-14104). Tenable has extracted the preceding description block...
Moderate: util-linux security update
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...
CVE-2025-47402 Buffer Over-read in WLAN Firmware
Transient DOS when processing a received frame with an excessively large authentication information element...
CVE-2026-24852 iccDEV has a heap-buffer-overflow in icXmlParseTextString()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read occurs when the strlen function attempts to read a non-null-terminated buffer, potentially leaking heap memory...
ROS-20260128-73-0055
Vulnerability in kernel-lt related to reading outside buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2026-24823 A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK
Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...
CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine.
Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files lparser.C. This issue affects WickedEngine: through 0.71.727...
CVE-2026-24800 A heap-based buffer over-read or buffer overflow in tildearrow/furnace
Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...
CVE-2026-24800
CVE-2026-24800 describes an out-of-bounds write / buffer copy without size checks in the tildearrow furnace code path, specifically in extern/zlib modules’ inflate.C. The vulnerability is characterized as a heap-based overflow/over-read with high impacts to confidentiality, integrity, and availab...
CVE-2026-24799 A heap-based buffer over-read or buffer overflow in davisking/dlib
Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in davisking dlib dlib/external/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9...
CVE-2026-24799
CVE-2026-24799 affects davisking/dlib (dlib/external/zlib) with an out-of-bounds write in inflate.C. Affected versions are before v19.24.9; the vulnerability is triggered via a classic buffer overflow in a local context (attack vector: local, complexity: low, privileges: low, user interaction: ac...