37 matches found
postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory
A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...
EUVD-2026-35240
Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-7503 code-projects for Plugin cstecgi.cgi setWiFiMultipleConfig buffer overflow
A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cstemodules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow. The attack can be...
CVE-2026-4775
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...
Azure Linux 3.0 Security Update: redis / valkey (CVE-2024-31449)
The version of redis / valkey installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31449 advisory. - Redis is an open source, in-memory database that persists on disk. An authenticated user May use a...
MiracleLinux 9 : libX11-1.7.0-8.el9 (AXSA:2023-6905:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6905:01 advisory. libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow CVE-2023-3138 Tenable has...
MiracleLinux 3 : ghostscript-8.15.2-9.4.4.1AXS3 (AXSA:2009-29:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-29:01 advisory. Ghostscript is a set of software that provides a PostScriptTM interpreter, a set of C procedures the Ghostscript library, which implements the graphic...
SUSE SLES15: libpng16-16 / libpng16-16-32bit / libpng16-compat-devel / etc (SUSE-SU-2025:4436-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4436-1 advisory. - CVE-2025-65018: Fixed heap buffer overflow in pngcombinerow triggered via pngimagefinishread bsc1254160 - CVE-2025-66293: Fixed...
EulerOS Virtualization 2.13.0 : icu (EulerOS-SA-2025-2579)
According to the versions of the icu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct...
RockyLinux 9 : redis (RLSA-2025:20926)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20926 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts as a...
RLSA-2025:19345 Important: redis:7 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2020-10531)
An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-25315)
In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503971;...
RHEL 9 : redis (RHSA-2025:20926)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20926 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, set...
EUVD-2019-7840
Malware in sbrugna...
ROS-20251002-03
A vulnerability in Microsoft's .NET software platform is related to the closing of the HTTP/3 stream while writing code for an application, resulting in a race condition in response. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive informatio...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8.1.8)
The version of AOS installed on the remote host is prior to 6.8.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8.1.8 advisory. - BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-129...
The vulnerability of the Exiv2 metadata management library, related to buffer overflow in dynamic memory, allows a attacker to cause a service failure.
The vulnerability of the Exiv2 metadata management library is related to overflow in the dynamic memory buffer. Exploiting this vulnerability could allow an attacker to cause a service failure...
OESA-2024-2269 redis security update
Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its...
UBUNTU-CVE-2023-4734
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846...