17783 matches found
CVE-2026-40468
The CVE-2026-40468 entry concerns gawk (versions 5.4.0 and earlier) with an integer overflow in the builtin.c file. The flaw can cause memory exhaustion and may enable overwriting heap metadata and objects with attacker-controlled bytes. This is described across multiple feeds (NVD/NIST entry and...
SUSE SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2026:2844-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2844-1 advisory. This update for gstreamer-plugins-good fixes the following issue - CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer...
ALSA-2026:38487 Important: xorg-x11-server security update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow CVE-2026-55999 For more details about the...
SUSE SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2026:2842-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2842-1 advisory. This update for gstreamer-plugins-good fixes the following issue - CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer...
CVE-2026-56372
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service...
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...
RLSA-2026:36834 Important: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit...
SUSE-SU-2026:2844-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issue - CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer overflow bsc1268449...
SUSE-SU-2026:2842-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issue - CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer overflow bsc1268449...
OPENSUSE-SU-2026:21294-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270208. - CVE-2026-41677: openssl: out-of-bounds read in PEM password callback when returning an oversized length...
RockyLinux 9 : libreoffice (RLSA-2026:36832)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36832 advisory. libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation CVE-2026-8357 Tenable has extracted the preceding...
MiracleLinux 8 : gstreamer1-plugins-good-1.16.1-7.el8_10 (AXSA:2026-1245:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-1245:01 advisory. gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow CVE-2026-53705 Tenable has extracted the preceding descripti...
CVE-2026-56362
A heap-buffer-overflow read in ImageMagick's OpenPixelCache occurs when image channel metadata updates before memory allocation. Attackers can trigger this via memory and disk allocation failures to disclose sensitive information. Mitigation Isolate ImageMagick tasks by running them inside...
CVE-2026-58471
A flaw was found in GNU Wget. A remote attacker can exploit a heap buffer overflow vulnerability in the convertfname function. This occurs when processing a server-supplied filename that requires character set conversion, leading to memory corruption due to incorrect buffer reallocation. This can...
libXfont2 computeProps Property Buffer Heap Buffer Overflow
...
libXfont2 BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow
...
SUSE SLED15 / SLES15 Security Update : xwayland (SUSE-SU-2026:2787-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2787-1 advisory. This update for xwayland fixes the following issues - CVE-2026-55999: glamor Font Atlas Heap Buffer Overflow...
dnsmasq < 2.93 Heap-Based Buffer Overflow (CVE-2026-12725)
The version of dnsmasq installed on the remote host is prior to 2.93. It is, therefore, affected by a heap-based buffer overflow vulnerability. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause...
CVE-2026-55999
A flaw was found in the glamorfontget function of the xorg-x11-server. This vulnerability, a heap buffer overflow, occurs when the server processes a specially crafted PCF font file where individual glyph metrics exceed the declared maximum bounds. An authenticated X client can exploit this by...
RLSA-2026:36639 Important: nginx:1.26 security, bug fix, and enhancement update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...