Lucene search
K

1692 matches found

EUVD
EUVD
added 2026/07/07 9:12 a.m.5 views

EUVD-2026-42023

A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...

8CVSS5.9AI score0.00501EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 2:12 p.m.3 views

SUSE-SU-2026:2781-1 Security update for postfix

This update for postfix fixes the following issue - CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062...

7.5CVSS6.2AI score0.00415EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 8:4 a.m.8 views

CVE-2026-53182

A flaw was found in the Linux kernel's nl80211 Wi-Fi subsystem. The nl80211parsernrelems function, responsible for parsing EMA RNR Enhanced Multiple Access Reduced Neighbor Report lists, does not properly handle an excessive number of nested NL80211ATTREMARNRELEMS inputs. This improper input...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.4 views

keycloak: Keycloak: Information disclosure via SAML ECP endpoint

A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP Security Assertion Markup Language Enhanced Client or Proxy endpoint with varying client IDs. By observing distinct faultstrings in the...

5.3CVSS5.7AI score0.00331EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53257

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: enforce HE/EHT cap/oper consistency Xiang Mei reports that mac80211 could crash if ehtcap is set but ehtoper isn't. Rather than fixing that for the individual users, enforce that both HE/EHT have consistent elemen...

5.5CVSS5.7AI score0.00104EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.31 views

CVE-2026-53208 Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU and dispatches each command without enforcing the signaling MTU MTUsig...

0.00122EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Oracle Linux 9 : post (ELSA-2026-26205)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26205 advisory. 2:3.5.25-3 - Fix for CVE-2026-43964: buffer over-read via malformed enhanced status code. Resolves: RHEL-176550 Tenable has extracted the preceding description...

7.5CVSS6.1AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 2:37 p.m.2 views

OPENSUSE-SU-2026:21020-1 Security update for postfix

This update for postfix fixes the following issue - CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062...

7.5CVSS6AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 2:35 p.m.2 views

SUSE-SU-2026:22335-1 Security update for postfix

This update for postfix fixes the following issue - CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062...

7.5CVSS6AI score0.00415EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/06/17 12:3 p.m.9 views

postfix security update

An update is available for postfix. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The postfix packages provide a Mail Transport Agent MTA, which supports...

7.5CVSS5.7AI score0.00415EPSS
Exploits0
OSV
OSV
added 2026/06/17 6:0 a.m.7 views

RLSA-2026:25932 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.10 views

RockyLinux 9 : postfix (RLSA-2026:26205)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26205 advisory. postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 Tenable has extracted the preceding description block directly from the RockyLinux...

7.5CVSS5.6AI score0.00415EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/16 12:10 p.m.22 views

Important: Red Hat Security Advisory: postfix security update

An update for postfix is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS5.6AI score0.00415EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/16 12:10 p.m.10 views

postfix: buffer over-read via malformed enhanced status code

A flaw was found in Postfix. This issue occurs when processing enhanced status codes, specifically an enhanced status code that lacks text following the third number. Depending on the configuration of the server, this allows a remote attacker to cause a buffer over-read of only 1 byte, leading to...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References5
OSV
OSV
added 2026/06/16 12:0 a.m.5 views

ALSA-2026:26205 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.14 views

Oracle Linux 8 : post (ELSA-2026-25932)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-25932 advisory. 2:3.5.8-8 - Fix for CVE-2026-43964: buffer over-read via malformed enhanced status code. Resolves: RHEL-176548 Tenable has extracted the preceding description...

7.5CVSS5.6AI score0.00415EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 4:22 p.m.12 views

EUVD-2026-36736

LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small...

6.9CVSS5.6AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 4:22 p.m.38 views

CVE-2026-6045 Heap buffer overflow in EMF+ gradient brush import

LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small...

6.9CVSS0.0012EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/15 10:36 a.m.9 views

postfix: buffer over-read via malformed enhanced status code

A flaw was found in Postfix. This issue occurs when processing enhanced status codes, specifically an enhanced status code that lacks text following the third number. Depending on the configuration of the server, this allows a remote attacker to cause a buffer over-read of only 1 byte, leading to...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/15 10:7 a.m.11 views

postfix: buffer over-read via malformed enhanced status code

A flaw was found in Postfix. This issue occurs when processing enhanced status codes, specifically an enhanced status code that lacks text following the third number. Depending on the configuration of the server, this allows a remote attacker to cause a buffer over-read of only 1 byte, leading to...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References5
Rows per page
Query Builder