Fedora 44 : objfw (2026-f9938a84c7)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f9938a84c7 advisory. Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler. ---- Update to 1.5.3 Tenab...

PT-2026-45520

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

PT-2026-45633

Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...

Qualcomm Chipsets Buffer Error Vulnerability

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient output buffer size during the execution of random number generator commands, leading to memory corruption...

CVE-2025-55664

A heap buffer overflow in the m2tsdmxsendpacket function filters/dmxm2ts.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

PUB-A-494629585

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45451

A flaw has been found in OpenSC up to 0.26.1. This affects the function test kpgen certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an...

PT-2026-45420

Name of the Vulnerable Software and Affected Versions Poly Voice VVX 150 Poly Voice VVX 250 Poly Voice VVX 350 Poly Voice VVX 450 Poly Voice Trio 8300 Poly Voice Trio 8500 Poly Voice Trio 8800 Description A stack-based buffer overflow exists in the Session Description Protocol SDP parsing process...

PT-2026-45623

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a stack buffer overflow in the Load function withinLoadedArsc.cpp. This vulnerability may lead to out-of-bound writes. It could result i...

Qualcomm Chipsets Buffer Error Vulnerability

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from memory corruption during the processing of IOCTL calls...

Qualcomm Chipsets security vulnerabilities

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from a buffer overflow issue when using Strongbox...

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd:...

ASB-A-463995203

In pngimagefinishread of pngrtran.c, there is a possible out of bounds read due to a buffer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-449160232

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Poly Voice – Possible Remote Control of Certain Poly Devices

In certain scenarios when the admin has enabled Interactive Connectivity Establishment ICE, a buffer overflow could enable remote code execution on Poly Voice products on the Linux platform. HP Poly recommends admins disable ICE connectivity when not required...

PT-2026-45659

Name of the Vulnerable Software and Affected Versions Strongbox affected versions not specified Description A buffer overflow leads to memory corruption when using Strongbox. A buffer overflow occurs when a program writes more data to a block of memory, or buffer, than it is allocated to hold,...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a buffer overflow in multiple functions within sdpdiscovery.cc. This vulnerability may lead to remote code execution, and it can be...

OpenSC security vulnerabilities

OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.26.1 contain security vulnerabilities. These vulnerabilities stem from a mistake in the function testkpgencertwrite in the Key Generation Module component of the pkcs11-tool. This mistake ma...

Assimp security vulnerabilities

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contain security vulnerabilities, which stem from issues with the HL1MDLLoader::readmeshes function in the HL1MDLLoader.cpp file. These...