17780 matches found
CVE-2026-34150 Wazuh: Heap buffer overflow in wazuh-analysisd via rootcheck event parsing
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions 1.0.0 and above, prior to 4.14.5, a heap buffer overflow in wazuh-analysisd allows an unauthenticated remote attacker to crash the Wazuh manager's analysis engine, causing complete loss of SI...
UBUNTU-CVE-2026-61464
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a heap-based buffer...
CVE-2026-24272
NVIDIA TensorRT contains a vulnerability where an attacker might cause an overflow to a heap-based buffer. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24268
Summary: CVE-2026-24268 affects NVIDIA TensorRT. The vulnerability is a heap-based buffer overflow in TensorRT that can lead to code execution if exploited. Public descriptions in connected records confirm the issue and its impact, including a CVSS v3.1 base score of 7.8 (High) with local attack ...
CVE-2026-57090
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network...
CVE-2026-56189
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code locally...
CVE-2026-50330
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-54993
CVE-2026-54993 describes a heap-based buffer overflow in Microsoft Windows Media Foundation that could allow a local attacker to execute code on a vulnerable system. The public descriptions in the provided documents identify the affected component as Windows Media Foundation, with the vulnerabili...
Windows Media Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally...
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
Heap-based buffer overflow in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...
RLSA-2026:38489 Important: xorg-x11-server-Xwayland security update
Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow CVE-2026-55999 X.org: xorg-x11-server: GLX contextTags Use-After-Free in CommonMakeCurrent CVE-2026-56000 For more details about the security issues,...
RLSA-2026:38486 Important: xorg-x11-server security update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow CVE-2026-55999 For more details about the...
SUSE-SU-2026:2977-1 Security update for afterburn
This update for afterburn fixes the following issues Update to version 5.10.0.git73.b97f772. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. - CVE-2026-41677: openssl: out-of-bounds read in PEM password...
SUSE-SU-2026:2976-1 Security update for afterburn
This update for afterburn fixes the following issues Update to version 5.10.0.git73.b97f772. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. - CVE-2026-41677: openssl: out-of-bounds read in PEM password...
xorg-x11-server security update
An update is available for xorg-x11-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org is an open-source implementation of the X Window System. It...
Security Updates for Microsoft Word Products (July 2026)
The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-55032, CVE-2026-55128 - Stack-based buffer overflow in Microsoft Office...
PT-2026-58165
Name of the Vulnerable Software and Affected Versions Windows Resilient File System ReFS affected versions not specified Description A heap-based buffer overflow exists in the Windows Resilient File System ReFS. This issue allows an authenticated attacker with local access to execute arbitrary co...
KB5099445: Windows Server 2012 Security Update (July 2026)
The remote Windows host is missing security update 5099445. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows Message Queuing...
RockyLinux 9 : xorg-x11-server (RLSA-2026:38486)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:38486 advisory. xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow CVE-2026-55999 Tenable has extracted the preceding description block directly from the RockyLin...
CVE-2026-40468
The CVE-2026-40468 entry concerns gawk (versions 5.4.0 and earlier) with an integer overflow in the builtin.c file. The flaw can cause memory exhaustion and may enable overwriting heap metadata and objects with attacker-controlled bytes. This is described across multiple feeds (NVD/NIST entry and...