27 matches found
CVE-2026-2100 P11-kit: null dereference via C_DeriveKey with specific null parameters
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
Siemens S7-1500 Use After Free (CVE-2025-7425)
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
UBUNTU-CVE-2026-2100
NULL dereference via C_DeriveKey with specific NULL parameters...
TencentOS Server 3: libxml2 (TSSA-2025:0696)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0696 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2025-7425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as...
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
AZL-65409 CVE-2025-7425 affecting package libxslt 1.1.43-3
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
CVE-2025-7425
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
SUSE CVE-2024-50262
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key(). trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves. For exampl...
UBUNTU-CVE-2024-50262
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key(). trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves. For exampl...
PT-2024-37050 · WordPress · The Newsletter - Api
Name of the Vulnerable Software and Affected Versions: The Newsletter - API v1 and v2 addon plugin for WordPress versions up to, and including, 2.4.5 Description: The issue allows unauthorized management of subscribers due to a PHP type juggling problem in the check api key function. This enables...
SUSE CVE-2021-32435
Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors...
PT-2022-28082 · Dropbox · Dropbox
Name of the Vulnerable Software and Affected Versions: Dropbox merou (affected versions not specified). Description: A critical issue was found in the SSH Public Key Handler component, specifically in the add_public_key function of the grouper/public_key.py file. The manipulation of the public key s...
PT-2022-16309 · Unknown · Zzzcms Zzzphp
Name of the Vulnerable Software and Affected Versions: ZZZCMS zzzphp version 2.1.0. Description: A remote command execution issue was discovered in ZZZCMS zzzphp, allowing for potential exploitation via the danger_key function at zzz_template.php. Recommendations: For ZZZCMS zzzphp version 2.1.0,...
DEBIAN-CVE-2021-32435
Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors...
Microsoft Windows Multiple Vulnerabilities (KB4519976)
This host is missing a critical security update according to Microsoft KB4519976.
DEBIAN-CVE-2018-10771
Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...