CLSA-2026-1776849467 jasper: Fix of 3 CVEs
CVE-2021-26926: prevent out-of-bounds read in jp2decode by hard-erroring on inconsistent IHDR/BPCC component metadata - CVE-2021-26927: prevent out-of-bounds read in jp2decode by hard-erroring on inconsistent IHDR/BPCC component metadata - CVE-2021-3272: prevent heap-based buffer over-read in...
OESA-2026-2040 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...
OESA-2026-2039 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...
OESA-2026-2038 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...
OESA-2026-2037 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...
OESA-2026-2036 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...
Linux Distros Unpatched Vulnerability : CVE-2026-31610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks incrementally as it walks the input...
EUVD-2026-25624
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...
CLSA-2026-1777049076 tar: Fix of CVE-2019-9923
CVE-2019-9923: fix possible NULL dereference in paxdecodeheader...
CLSA-2026-1777043727 tar: Fix of CVE-2019-9923
CVE-2019-9923: fix possible NULL dereference in paxdecodeheader...
SUSE CVE-2026-41312
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...
PT-2026-35078
Name of the Vulnerable Software and Affected Versions BACnet Stack versions prior to 1.4.3 Description An out-of-bounds read exists in the ReadPropertyMultiple service property decoder. Unauthenticated remote attackers can read past allocated buffer boundaries by sending a ReadPropertyMultiple...
PT-2026-34962
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ksmbd component during the SPNEGO decoding process. When the ksmbd decode negTokenInit function processes the mechToken OCTET STRING element, the ksmbd neg...
Linux Distros Unpatched Vulnerability : CVE-2026-41314
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to...
CVE-2026-41312
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...
DEBIAN-CVE-2026-41312
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...
CVE-2026-41314
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...
EUVD-2026-25116
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...
CVE-2026-41314
CVE-2026-41314 (pypdf) affects versions prior to 6.10.2 of the Python PDF library. An attacker can craft a PDF using a /FlateDecode image with large size values, causing RAM exhaustion. Impact is local, with memory impact (RAM) and potential denial of service. The issue is fixed in pypdf 6.10.2; ...
EUVD-2026-25112
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...