SUSE CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

EUVD-2026-34780

A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio range to cause a Denial of Service kernel panic or potentially achieve Remote Code Execution via a...

SUSE-SU-2026:2053-1 Security update for busybox

This update for busybox fixes the following issue - CVE-2026-29004: Heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c bsc1263989...

PT-2026-43130

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompress R2004 section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available...

Astra Linux - уязвимость в chromium

A heap buffer overflow in the Mojom IDL of Google Chrome prior to version 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-41989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989 Note th...

PT-2026-29899

Name of the Vulnerable Software and Affected Versions Hirschmann Industrial IT products BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual Description Hirschmann Industrial IT products are susceptible to a heap overflow in the HiLCOS web interface. Unauthenticated remote...

Mageia: Security Advisory (MGASA-2026-0058)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-22891

CVE-2026-22891 describes a heap-based buffer overflow in the Intan CLP parsing functionality of the Biosig Project’s libbiosig 3.9.2 and its Master Branch (db9a9a63). A specially crafted Intan CLP file can lead to arbitrary code execution, with an attacker able to provide a malicious file to trig...

RHEL 9 : freerdp (RHSA-2026:2048)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2048 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

CVE-2025-62673

The CVE-2025-62673 issue affects TP-Link Archer AX53 v1.0 through 1.3.1 Build 20241120, with a heap-based buffer overflow in the tdpserver modules that can be triggered by a crafted network packet from a nearby attacker, potentially causing a segmentation fault or arbitrary code execution. The Re...

CVE-2025-61983

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length...

PT-2026-4548

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize. This occurs when user-controllable input is unsafely incorporated into ICC profi...

MiracleLinux 3 : perl-DBD-Pg-1.49-2AXS3.1 (AXSA:2009-57:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2009-57:01 advisory. An implementation of DBI for PostgreSQL for Perl. Fixed bugs: CVE-2009-0663 Heap-based buffer overflow in the DBD::Pg aka DBD-Pg or libdbd-pg-perl...

CVE-2026-22791

openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

CVE-2023-29995

In NanoMQ v0.15.0-0, a Heap overflow occurs in copynutf8str function of mqttparser.c...

CVE-2023-40802

The getparentControllistInfo function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45cn...

CVE-2016-10722

partclone.fat in Partclone before 0.2.88 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the FAT superblock, related to the markreservedsectors function. An attacker may be able to execute arbitrary code in the context of the user running the affected...

CVE-2022-38980

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions...

CVE-2022-31699

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure...