ROS-20260615-73-0005

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260615-73-0001

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260615-73-0010

The vulnerability of the RDP client FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVE-2025-55650

GPAC MP4Box v2.4 is affected by a heap use-after-free in gf_node_get_tag (scenegraph/base_scenegraph.c) that enables Denial of Service via crafted MP4 files. Impact: availability DoS. Root cause: heap use-after-free. Affected component: GPAC MP4Box 2.4; vulnerability location: gf_node_get_tag in ...

PT-2026-49276

A heap use-after-free in the gf node get tag function scenegraph/base scenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

PT-2026-49371

Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...

PT-2026-49241

Zephyr's native TCP stack iterates the global connection list in net tcp foreach subsys/net/ip/tcp.c using the SYS SLIST FOR EACH CONTAINER SAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcp lock while invoking the per-connection callback and...

RHEL 9 : valkey (RHSA-2026:25925)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25925 advisory. Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, se...

ROS-20260615-73-0007

The vulnerability of the StreamEnsureCapacity function in the RDP client FreeRDP is caused by a numerical overflow condition. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...

SUSE SLES15 Security Update : podofo (SUSE-SU-2026:2309-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2309-1 advisory. This update for podofo fixes the following issue: - CVE-2026-44348: double-free in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp...

SUSE SLES12 Security Update : libyang (SUSE-SU-2026:2334-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2334-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML...

SUSE SLES15 Security Update : libyang (SUSE-SU-2026:2335-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2335-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafte...

SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2026:2378-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2378-1 advisory. This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: - CVE-2026-28847: processing maliciously crafted w...

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2026:2376-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2376-1 advisory. This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: Security fixes: -...

SUSE SLED15 / SLES15 Security Update : libsoup (SUSE-SU-2026:2314-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2314-1 advisory. This update for libsoup fixes the following issues - CVE-2026-1801: HTTP Request Smuggling in...

SUSE SLES12 Security Update : strongswan (SUSE-SU-2026:2312-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2312-1 advisory. This update for strongswan fixes the following issue - CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360. Tenable has...

SUSE SLES15 Security Update : libyang (SUSE-SU-2026:2337-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2337-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafte...

SUSE CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-12008

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-12011

Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...