
5783 matches found

Redos
added 2026/01/13 12:0 a.m., 5 views

ROS-20260113-7373

A vulnerability in the smb2read function in the fs/smb/server/smb2pdu.c module of the Linux kernel is related to reading beyond buffer boundaries. Exploitation of the vulnerability may allow a remote intruder to affect confidentiality, integrity and availability of protected information...

7.5 CVSS, 6.8 AI score, 0.00056 EPSS
Exploits: 0

Tenable Nessus
added 2026/01/13 12:0 a.m., 6 views

MiracleLinux 8 : python39:3.9 (AXSA:2025-11636:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11636:01 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 python: Virtual environment venv activation scripts...

9.4 CVSS, 6.8 AI score, 0.01639 EPSS
Exploits: 15, References: 13

Tenable Nessus
added 2026/01/13 12:0 a.m., 3 views

MiracleLinux 8 : libjpeg-turbo-1.5.3-14.el8_10 (AXSA:2025-9945:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9945:01 advisory. libjpeg-turbo: heap-based buffer over-read in getrgbrow in rdppm.c CVE-2020-13790 Tenable has extracted the preceding description block directly from the...

8.1 CVSS, 7.2 AI score, 0.00483 EPSS
Exploits: 1, References: 2

OSV
added 2026/01/12 11:15 p.m., 5 views

DEBIAN-CVE-2026-22695

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function pngimagefinishread when processing interlaced 16-bit PNGs with...

7.1 CVSS, 6.7 AI score, 0.0003 EPSS
Exploits: 4, References: 1

NVD
added 2026/01/12 11:15 p.m., 2 views

CVE-2026-22801

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer...

7.8 CVSS, 0.00014 EPSS
Exploits: 0, References: 1

OSV
added 2026/01/12 11:15 p.m., 4 views

AZL-74499 CVE-2026-22801 affecting package gdal 3.6.3-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer...

7.8 CVSS, 6.3 AI score, 0.00014 EPSS
Exploits: 0, References: 1

Redos
added 2026/01/12 12:0 a.m., 4 views

ROS-20260112-7312

A vulnerability in the qplibfp.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

4.4 CVSS, 6.5 AI score, 0.00008 EPSS
Exploits: 0

CNNVD
added 2026/01/12 12:0 a.m., 1 view

libpng buffer error vulnerability

libpng is The PNG Development Group's open source PNG reference library for creating, reading and writing PNG graphics files. A buffer error vulnerability exists in libpng versions 1.6.51 through 1.6.53, which stems from a heap buffer over-read in the pngimagefinishread function...

7.1 CVSS, 6.9 AI score, 0.0003 EPSS
Exploits: 4, References: 4

Redos
added 2026/01/12 12:0 a.m., 3 views

ROS-20260112-7308

A vulnerability in the amdgpudm.c component of the Linux operating system kernel is related to reading outside of the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8 CVSS, 6.5 AI score, 0.00015 EPSS
Exploits: 0

Redos
added 2026/01/12 12:0 a.m., 5 views

ROS-20260112-7342

Vulnerability in the xlogrecoverprocessdata function in the fs/xfs/xfslogrecover.c module of the xfs file system of the Linux kernel is related to reading memory outside of the allocated buffer Exploitation of the vulnerability could allow an attacker to affect the confidentiality and availabilit...

7.1 CVSS, 6.7 AI score, 0.00015 EPSS
Exploits: 0

RedhatCVE
added 2026/01/09 10:51 a.m., 4 views

CVE-2022-42411

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5 CVSS, 5.5 AI score, 0.00209 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 9:34 a.m., 11 views

CVE-2024-41445

Library MDF mdflib v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function...

6.5 CVSS, 7 AI score, 0.00358 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 9:14 a.m., 10 views

CVE-2022-33297

Information disclosure due to buffer overread in Linux sensors...

6.8 CVSS, 7 AI score, 0.00047 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 9:10 a.m., 3 views

CVE-2026-20027

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

5.3 CVSS, 6.8 AI score, 0.00041 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2026/01/09 12:0 a.m., 5 views

Siemens Ruggedcom ROX Improper Input Validation (CVE-2024-5642)

CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being not...

9.1 CVSS, 7.2 AI score, 0.06702 EPSS
Exploits: 1, References: 3

NVD
added 2026/01/07 5:16 p.m., 1 view

CVE-2026-20027

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

5.3 CVSS, 0.00041 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/01/07 4:23 p.m., 23 views

CVE-2026-20026 Multiple Cisco Products Snort 3 DCERPC Vulnerabilities

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

5.8 CVSS, 0.00132 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/01/07 4:23 p.m., 20 views

CVE-2026-20027 Cisco Snort DCERPC Stub Data Out of Bounds Read

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

5.3 CVSS, 0.00041 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/01/07 9:54 a.m., 9 views

CVE-2025-1400

Out-of-bounds Read vulnerability in unpackresponse conn.c in libplctag from 2.0 through 2.6.3 allows Overread Buffers via network...

3.1 CVSS, 6.9 AI score, 0.00195 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2026/01/07 12:0 a.m., 2 views

PT-2026-2047

Name of the Vulnerable Software and Affected Versions Cisco products affected versions not specified Description A flaw exists in the processing of DCE/RPC requests that may allow a remote attacker to obtain sensitive information or cause the Snort 3 Detection Engine to restart, leading to an...

5.3 CVSS, 6.6 AI score, 0.00041 EPSS
Exploits: 0, References: 8