16884 matches found
CVE-2026-53292
Summary (CVE-2026-53292): The Linux kernel phonet subsystem contains a flaw in pn_socket_autobind() where, if pn_socket_bind() returns -EINVAL while the socket was never bound (pn_port() == 0) and sk states are not TCP_CLOSE, a BUG_ON() triggers a kernel panic from a user-triggerable path. The pa...
EUVD-2026-36190
ImageMagick has Null Pointer Dereference caused by the distort operation when passing incorrect arguments...
CVE-2026-53227
A flaw was found in the Linux kernel's Open vSwitch OVS component. This issue occurs due to incorrect error handling during the allocation of a 'reply' skb socket buffer after locking the ovsmutex. If the allocation fails, an invalid pointer may be passed to kfreeskb, leading to a system crash an...
PT-2026-52971
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The TIFF decoder can panic when processing an invalid image that contains an out-of-bounds strip offset. A panic is a critical error that causes a program to cra...
PT-2026-52931
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the phonet network component where the pn socket autobind function incorrectly handles a failed bind operation. When pn socket bind returns an -EINVAL error, the syste...
SUSE SLES15 Security Update : bind (SUSE-SU-2026:2616-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2616-1 advisory. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3039: BIND 9 server memory...
SUSE SLES16: bind / bind-doc / bind-modules-generic / bind-modules-ldap / etc (SUSE-SU-2026:22198-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22198-1 advisory. This update for bind fixes the following issues Upgrade to release 9.20.23: - CVE-2026-3039: BIND 9 server memory exhaustion durin...
CVE-2026-53246
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A remote attacker could exploit this by sending a specially crafted COOKIEECHO chunk to a listening SCTP server. The server's failure to properly validate the length of a cached peer INIT chunk within...
GHSA-8PJ9-6897-74XC ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions
A missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operations...
ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions
A missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operations...
CVE-2026-10592
Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...
EUVD-2026-39555
X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...
CVE-2026-42055
A flaw was found in NGINX. When NGINX is configured to proxy HTTP/2 traffic using the ngxhttpproxyv2module or ngxhttpgrpcmodule with specific settings, a remote, unauthenticated attacker can send specially crafted large headers. This can trigger a heap-based buffer overflow, leading to a restart ...
CVE-2026-56770
libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM sentences over VHF marine radio or IP feeds,...
CVE-2026-52959
A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...
CVE-2026-53080
A flaw was found in the Linux kernel's traffic control firewall classifier clsfw module. An attacker with the ability to create traffic control filters could exploit a vulnerability where an invalid filter, created using an older method, is processed before proper validation. This can lead to a...
CVE-2026-49839
jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...
CVE-2026-49839
Summary: CVE-2026-49839 affects jq prior to 1.8.2, where in the --rawfile path an oversized string can trigger invalid-state reuse and heap-buffer-overflow writes. In detail, when jv_load_file(raw=1) reads attacker-controlled data, file chunks are appended to a single jv string accumulator; after...
CVE-2026-49839 jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow
jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...
CVE-2026-57236
A flaw was found in Nokogiri, an XML and HTML library for Ruby. When an attacker provides an invalid encoding to the Documentencoding= function, the library frees the document's current encoding string without replacing it. This leaves the document referencing freed memory, which can lead to a...