Lucene search
+L

80 matches found

RedHat Linux
RedHat Linux
added 4 days ago7 views

Important: Red Hat Security Advisory: compat-openssl11 security update

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

8.8CVSS6.1AI score0.02719EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 1:56 p.m.9 views

CVE-2026-14178

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS5.8AI score0.00351EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/25 2:33 p.m.8 views

CVE-2026-57436

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new root was a Nokogiri::XML::Node, allowing a DTD node to be set as the document root. The result is a heap use-after-free during garbage...

6.3CVSS5.8AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2026/06/20 6:54 a.m.2 views

OPENSUSE-SU-2026:21123-1 Security update for bind

This update for bind fixes the following issues Upgrade to release 9.20.23: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3593: Heap use-after-free...

9.8CVSS6.7AI score0.01844EPSS
Exploits1References12
OSV
OSV
added 2026/06/20 6:53 a.m.2 views

SUSE-SU-2026:22198-1 Security update for bind

This update for bind fixes the following issues Upgrade to release 9.20.23: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3593: Heap use-after-free...

9.8CVSS5.8AI score0.01844EPSS
Exploits1References13
OSV
OSV
added 2026/06/13 12:7 a.m.13 views

OSV-2026-907 Heap-use-after-free in gf_sg_route_del

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=523017644 Crash type: Heap-use-after-free READ 8 Crash state: gfsgroutedel gfsgreset gfsgdel...

5.3AI score
Exploits0References1
NVD
NVD
added 2026/06/10 10:16 p.m.10 views

CVE-2026-46523

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue...

7.5CVSS0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.16 views

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:21832-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21832-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the...

9.2CVSS9AI score0.61469EPSS
Exploits40References19
OSV
OSV
added 2026/05/25 1:58 p.m.11 views

SUSE-SU-2026:2050-1 Security update for nginx

This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. - CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. - CVE-2026-40701: heap...

9.2CVSS7.6AI score0.61469EPSS
Exploits40References13
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL rendering thread led to a heap use-after-free. Specifically, a pointer to sdl-primary SDLSurface was accessed after it had been...

8.2CVSS5.4AI score0.00247EPSS
Exploits1References2
NVD
NVD
added 2026/05/13 4:16 p.m.9 views

CVE-2026-40701

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpsslmodule module when the sslverifyclient directive is set to "on" or "optional," and the sslocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this configuration, an unauthenticated attacke...

6.3CVSS0.00677EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 12:4 p.m.4 views

SUSE-SU-2026:1632-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

9.8CVSS4.9AI score0.00599EPSS
Exploits13References30
RedHat Linux
RedHat Linux
added 2026/04/27 5:38 a.m.10 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.8AI score0.00656EPSS
Exploits5References10
AlpineLinux
AlpineLinux
added 2026/04/13 9:36 p.m.5 views

CVE-2026-40311

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has been fixed in versio...

5.5CVSS5.7AI score0.00184EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-007083)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007083 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free...

5.3CVSS5.8AI score0.00243EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/09 8:16 p.m.7 views

CVE-2026-34734

HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...

7.8CVSS5.7AI score0.00193EPSS
Exploits1References2
OSV
OSV
added 2026/04/09 7:1 p.m.4 views

CVE-2026-34734 HDF5: H5T__conv_struct Use After Free

HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...

7.8CVSS7AI score0.00193EPSS
Exploits1References6
Rockylinux
Rockylinux
added 2026/04/07 12:3 p.m.14 views

squid security update

An update is available for squid. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Squid is a high-performance proxy caching server for web clients, supporting FT...

9.2CVSS5.9AI score0.08942EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.5 views

RHEL 10 : freerdp (RHSA-2026:6799)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6799 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

9.8CVSS6.6AI score0.00656EPSS
Exploits5References30
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.10 views

RockyLinux 9 : squid (RLSA-2026:6301)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6301 advisory. squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526 Squid: Squid: Denial of Service via crafted ICP...

9.2CVSS6AI score0.08942EPSS
Exploits0References5
Rows per page
Query Builder