Waterfall WF-500 缓冲区错误漏洞

The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. In the version 7.10.0.0 R2601141040 of the Waterfall WF-500 RX Host, there is a buffer error vulnerability. This vulnerability stems...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained a buffer error vulnerability. This vulnerability stemmed from the plane bitmap decoder’s inability to prevent out-of-bounds write-ups during RLE plane data decoding...

ROS-20260529-73-0017

The vulnerability of the software for interacting with servers via CURL is related to the execution of operations within the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

ROS-20260529-73-0026

The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...

Fedora 43 : perl-Sereal / perl-Sereal-Decoder / perl-Sereal-Encoder (2026-49c4be8260)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-49c4be8260 advisory. This update includes a security fix to make sure that COPY tags cannot be used to read past end of the buffer. Tenable has extracted the preceding descriptio...

RockyLinux 8 : freeipmi (RLSA-2026:20579)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:20579 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the RockyLinux...

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:21832-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21832-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the...

ROS-20260529-73-0010

The vulnerability of JavaScript script handlers in Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the issue of writing beyond the buffer boundaries in memory during the processing of Promise objects. Exploiting this vulnerability allows a malicious actor to execute arbitra...

OpenSC 安全漏洞

OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.27.0 contained security vulnerabilities. These vulnerabilities stemmed from a stack and heap buffer overflow vulnerability in the dokeyvalue function located in src/pkcs15init/profile.c. Thi...

Rizin 缓冲区错误漏洞

Rizin is a free, open-source reverse-engineering framework developed by the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensics tool, and as a command-line hexadecimal editor capable of opening disk files. Rizin has a buffer overflow...

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from a buffer overflow in the parameters ip/mask/gateway stored in the file/goform/formSetRoute, which could allow a...

PT-2026-44883

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special name results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

Linux Distros Unpatched Vulnerability : CVE-2026-46234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets ...

Linux Distros Unpatched Vulnerability : CVE-2026-46236

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...

Linux Distros Unpatched Vulnerability : CVE-2026-46110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC,...

Linux Distros Unpatched Vulnerability : CVE-2026-46197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlle...

Linux Distros Unpatched Vulnerability : CVE-2026-49127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows...

Linux Distros Unpatched Vulnerability : CVE-2026-46149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then wi...

CVE-2026-9924

Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-46183

A flaw was found in the Linux kernel's DAMON Data Access MONitor sysfs system file system component. This vulnerability, a use-after-free, occurs because the damonsysfsquotgoal-path buffer can be deallocated during a write operation without proper locking. A local user could exploit this race...