11 matches found
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update
An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
CVE-2026-39365 Vite has a Path Traversal in Optimized Deps `.map` Handling
Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, the dev server’s handling of .map requests for optimized dependencies resolves file paths and calls readFile without restricting ../ segments in the URL. As a result, it is possible to bypass the...
CVE-2026-39365
CVE-2026-39365 (Vite dev server): Multiple Vite versions (< 6.4.2, < 7.3.2,
GHSA-4W7W-66W2-5VF9 Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling
Summary: Any files ending with .map, even outside the project, can be returned to the browser. Impact: Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - have a sensitive content in files...
Siemens SIMATIC Devices Improper Input Validation (CVE-2023-52447)
bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the ref-counter of the inner map directly through bpf_map_put(), if the...
CVE-2023-53660
The CVE-2023-53660 issue affects the Linux kernel’s BPF/CPUMAP path and skb handling in ptr_ring during XDP. Root cause: __cpu_map_ring_cleanup() did not correctly handle skb mode, causing incorrect memory type usage warnings and premature CPU map kthread stoppage; fix implemented by patches to t...
yaml-cpp denial of service vulnerability (CNVD-2019-03333)
yaml-cpp (aka LibYaml-C++) is a C++ parser for use in YAML. A denial of service vulnerability exists in the 'SingleDocParser::HandleFlowMap' function in yaml-cpp version 0.6.2. A remote attacker can exploit this vulnerability to cause a denial of service (stack consumption and application crash) with...
Out-of-Bounds
Overview: Affected versions of this package are vulnerable to Out-of-Bounds. The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. Remediation: Upgrade...