PT-2026-46939

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

UBUNTU-CVE-2026-47318

Stack-based buffer overflow vulnerability in Samsung Open Source rlott...

Security update for xorg-x11-server (important)

openSUSE security update: security update for xorg-x11-server ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20896-1 Rating: important References: bsc1266294 bsc1266295 bsc1266296 bsc1266297 bsc1266298 bsc1266299 bsc1266300 bsc1266301 bsc1266302...

UBUNTU-CVE-2026-50259

XKB SetMap Request Stack-based Buffer Overflow...

ROS-20260605-73-0019

The vulnerability in ImageMagick7 is related to buffer overflow in the stack. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

ROS-20260605-73-0018

The vulnerability in ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260605-73-0106

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

RockyLinux 10 : php8.4 (RLSA-2026:22649)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22649 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...

UBUNTU-CVE-2026-50258

XKB Key Types Stack-based Buffer Overflow...

ROS-20260605-73-0085

The vulnerability of Firefox browsers, Firefox ESR, and Thunderbird email clients, Thunderbird ESR, is related to writing beyond the buffer limit. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2026-47076

A stack‑based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where the device fails to properly validate the number of XML user nodes during request processing. An authenticated attacker can send a specially crafted ONVIF request containing an excessive...

ROS-20260605-73-0090

The vulnerability in Firefox is related to the execution of operations outside the buffer in memory. The vulnerability can be exploited remotely...

ROS-20260605-73-0103

Vulnerability of WebRTC component: The networking functions of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable due to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to compromise the confidentiality,...

ROS-20260605-73-0097

The vulnerability in Firefox is related to the execution of operations outside the buffer in memory. The vulnerability can be exploited remotely...

ROS-20260605-73-0105

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260605-73-0089

The vulnerability in Firefox is related to the execution of operations outside the buffer in memory. The vulnerability can be exploited remotely...

CVE-2026-10949

Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10946

Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-10898

Stack buffer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...