CVE-2026-40195 Incus nil-pointer dereference in storage bucket import allows denial of service

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage bucket import logic allows an authenticated user with access to the storage bucket feature to cause the Incus daemon to crash. The vulnerability is present in the backup...

SUSE-SU-2026:20590-1 Security update for autogen

This update for autogen fixes the following issues: - CVE-2025-8746: Fixed improper input validation and memory bounds checking when processing certain malformed configuration files bsc1247921...

EUVD-2023-26782

Malicious code in bioql PyPI...

RockyLinux 9 : libeconf (RLSA-2023:4347)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4347 advisory. libeconf: stack-based buffer overflow in readfile in lib/getfilecontents.c CVE-2023-22652 Tenable has extracted the preceding description block directly...

Fedora 37 : libeconf (2023-b4b77f950c)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b4b77f950c advisory. Rebase to 0.5.2 to fix CVE-2023-22652 and CVE-2023-30079 Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 38 : libeconf (2023-6432bb65ae)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6432bb65ae advisory. Rebase to 0.5.2 to fix CVE-2023-22652 and CVE-2023-30079 Tenable has extracted the preceding description block directly from the Fedora security...

CVE-2023-22652 Stack buffer overflow in "read_file" function

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

libeconf 安全漏洞

libeconf is a highly flexible and configurable library for parsing and managing key=value configuration files. A security vulnerability exists in libeconf versions prior to 0.5.2, which stems from the presence of a buffer overflow vulnerability that allows denial-of-service attacks via incorrectl...

SUSE CVE-2023-22652

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

SUSE CVE-2019-6442

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to configremotely in ntpconfig.c, yyparse in ntpparser.tab.c, and yyerror in ntpparser.y...

DEBIAN-CVE-2022-31213

An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file...

kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4

A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like...

DEBIAN-CVE-2020-8564

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

UBUNTU-CVE-2020-8564

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

NTPsec Out-of-Bounds Write Vulnerability

NTPsec is an implementation of the Network Time Protocol. An out-of-bounds write vulnerability exists in versions of NTPsec prior to 1.1.3, which can be exploited by an attacker to cause a denial of service by sending a malformed config request...

CVE-2019-6442

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to configremotely in ntpconfig.c, yyparse in ntpparser.tab.c, and yyerror in ntpparser.y...

CVE-2019-6442

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to configremotely in ntpconfig.c, yyparse in ntpparser.tab.c, and yyerror in ntpparser.y...