28 matches found
CVE-2026-12087
A flaw was found in the perl-Socket component. The pack_ip_mreq_source function, which handles network socket operations, contains an out-of-bounds heap read vulnerability. An attacker providing a specially crafted input can cause the system to read beyond the intended memory buffer, potentially...
OESA-2026-2509 dnsmasq security update
Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...
SUSE-SU-2026:21640-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues: Security issues: - CVE-2026-2291: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect (bsc#1258251). - CVE-2026-4890: DoS vulnerability in the DNSSEC validation (bsc#1265001). - CVE-2026-4891: heap-based out-of-bounds re...
CVE-2026-4891
A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...
OESA-2026-2255 libvncserver security update
libvncserver is a set of programs using the RFB (Remote Frame Buffer) protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets (which LibVNCServer does), you can also connect using an in-browser VNC...
Linux Distros Unpatched Vulnerability : CVE-2026-42477
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers...
OESA-2026-1937 sleuthkit security update
The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, EXT3FS and ExFAT file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can...
Linux Distros Unpatched Vulnerability : CVE-2025-66037
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to...
CVE-2026-33985 FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...
CVE-2026-4159
1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted...
AZL-77547 CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21
The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...
Linux Distros Unpatched Vulnerability : CVE-2025-68118
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP's certificate handling code on Windo...
EUVD-2017-17273
Malware in sbrugna...
CVE-2024-52545
An unauthenticated attacker can perform an out of bounds heap read in the IQ Service TCP port 9876. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
opensc: buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package
A vulnerability was found in OpenSC. This issue causes a buffer overrun in the pkcs15 cardos_have_verifyrc_package. This flaw allows an attacker to supply a smart card package with a malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for two tags, where the remainin...
CVE-2022-21730 Out of bounds read in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of FractionalAvgPoolGrad does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this...
Mageia: Security Advisory (MGASA-2018-0113)
The remote host is missing an update for the...
Google TensorFlow Heap Read Vulnerability
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google (USA). Google TensorFlow suffers from a heap read vulnerability. An attacker can exploit the vulnerability to trigger an OOB read from the heap...
Heap out-of-bounds read vulnerability exists in ABC Lookout of Shanghai Zhanmeng Network Technology Co. Ltd (CNVD-2020-64623)
ABC Viewer is a permanent free image viewing software, intelligently turns on hardware acceleration and supports a variety of image formats. ABC Viewer has a heap out-of-bounds read vulnerability that can be exploited by attackers to cause a denial of service...
SUSE-SU-2020:1553-1 Security update for libexif
This update for libexif to 0.6.22 fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in...