Lucene search
+L

2302 matches found

opensuse
opensuse
added yesterday3 views

Security update for nasm (low)

openSUSE security update: security update for nasm ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21333-1 Rating: low References: bsc1261985 bsc1261986 Cross-References: CVE-2026-6067 CVE-2026-6068 CVSS scores: CVE-2026-6067 SUSE : 3.3...

4.6CVSS6.3AI score0.00414EPSS
Exploits2References2
redhat
redhat
added 3 days ago4 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS6.2AI score0.02719EPSS
Exploits0References4
redhatcve
redhatcve
added 5 days ago7 views

CVE-2026-61857

A flaw was found in ImageMagick. This vulnerability allows a remote attacker to cause the application to crash. The issue stems from improper handling of XMP Extensible Metadata Platform profiles within image files. By crafting a malicious image with specially designed XMP data, an attacker can...

7.5CVSS6.1AI score0.00265EPSS
Exploits0References5
osv
osv
added 5 days ago3 views

UBUNTU-CVE-2026-61857

ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes...

7.5CVSS6.1AI score0.00265EPSS
Exploits0References4
osv
osv
added 5 days ago4 views

CVE-2026-61857 ImageMagick before 7.1.2-26 Heap Use-After-Free via XMP

ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes...

6.3CVSS6.1AI score0.00265EPSS
Exploits0References4
osv
osv
added 2026/07/09 12:49 p.m.1 views

OESA-2026-2885 util-linux security update

The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw point...

6.8CVSS6AI score0.00112EPSS
Exploits0References2
nessus
nessus
added 2026/07/09 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-56297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcmanchannelclose and dvcmancallonreceive due to improper synchronization of channelcallback...

8.3CVSS6.5AI score0.00281EPSS
Exploits1References4
nvd
nvd
added 2026/07/08 9:16 a.m.8 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS0.00192EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/07/08 7:36 a.m.6 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0References3
osv
osv
added 2026/07/08 7:36 a.m.2 views

CVE-2026-56000 xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6.1AI score0.00192EPSS
Exploits0References5
alpinelinux
alpinelinux
added 2026/07/08 7:36 a.m.9 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0
nessus
nessus
added 2026/07/08 12:0 a.m.13 views

RockyLinux 10 : freerdp (RLSA-2026:36203)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:36203 advisory. freerdp: FreeRDP: Remote code execution via heap-buffer-overflow in gdiCacheToSurface CVE-2026-40033 freerdp: FreeRDP: Arbitrary code execution or deni...

9.8CVSS7.4AI score0.03453EPSS
Exploits5References11
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.9 views

PT-2026-56335

Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 21.2.24 xwayland versions prior to 24.1.13 Description Local attackers with an X connection can cause a Heap Use After Free, a condition where the system continues to use a memory address after it has been freed,...

9CVSS6.2AI score0.00192EPSS
Exploits0References27
redhat
redhat
added 2026/07/07 2:35 p.m.6 views

Important: Red Hat Security Advisory: compat-openssl10 security update

An update for compat-openssl10 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

8.8CVSS6AI score0.02719EPSS
Exploits0References2
nessus
nessus
added 2026/07/07 12:0 a.m.5 views

RHEL 10 : freerdp (RHSA-2026:36203)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:36203 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

9.8CVSS7.4AI score0.03453EPSS
Exploits5References12
redhat
redhat
added 2026/07/06 8:58 a.m.7 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS6.7AI score0.02719EPSS
Exploits0References4
osv
osv
added 2026/07/02 6:58 a.m.3 views

OPENSUSE-SU-2026:21207-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...

7.5CVSS5.9AI score0.00301EPSS
Exploits0References2
nessus
nessus
added 2026/07/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-54898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap...

2.1CVSS6.1AI score0.00117EPSS
Exploits0References3
nvd
nvd
added 2026/07/01 12:16 a.m.5 views

CVE-2026-54898

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

2.1CVSS0.00117EPSS
Exploits0References1
osv
osv
added 2026/07/01 12:16 a.m.3 views

DEBIAN-CVE-2026-54897

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...

2.1CVSS5.7AI score0.00117EPSS
Exploits0References1
Rows per page
Query Builder