431 matches found
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Commo...
CVE-2026-53877
This CVE affects Django’s GIS GDALRaster: in Django 6.0 prior to 6.0.7 and 5.2 prior to 5.2.16, constructing GDALRaster from a bytes object causes an in-memory buffer over-read, potentially disclosing adjacent memory or triggering a segmentation fault when the vsi_buffer property is accessed. Ear...
NetScaler ADC and NetScaler Gateway Multiple Vulnerabilities (CTX696604)
The remote NetScaler ADC formerly Citrix ADC or NetScaler Gateway formerly Citrix Gateway device is version 13.1 prior to 13.1-63.18, 14.1 prior to 14.1-72.61, 13.1-FIPS/NDcPP prior to 13.1-37.272, or 14.1-FIPS prior to 14.1-72.61. It is, therefore, affected by multiple vulnerabilities: -...
PYSEC-2026-702 Out-of-bounds Read in OpenCV
In OpenCV 3.3.1 corresponding with OpenCV-Python 3.3.1.11, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmthdr.cpp...
Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service
Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC formerly Citrix ADC and NetScaler Gateway formerly Citrix Gateway that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service DoS condition. The vulnerabilities are...
CVE-2026-8451
Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP...
CVE-2026-10817
Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...
EUVD-2026-40317
Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...
CVE-2026-10817
CVE-2026-10817 is an “insufficient input validation leading to memory overread” affecting Citrix NetScaler ADC and NetScaler Gateway when TCP TimeStamp is enabled in the TCP profile and attached to a virtual server (LB, CS, VPN) or the service. Public sources consistently describe the root cause ...
CVE-2026-8451 Insufficient input validation leading to memory overread
Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP...
CVE-2026-8451
CVE-2026-8451 describes insufficient input validation in NetScaler ADC and NetScaler Gateway, causing a memory overread when configured as a SAML IDP. Affected products are NetScaler ADC and NetScaler Gateway; root cause is input validation weaknesses leading to memory overread. The CVSS metrics ...
EUVD-2026-40305
Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP...
PT-2026-53867
Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description Insufficient input validation leads to a memory overread when the TCP TimeStamp is enabled in the TCP Profile and is associated with a...
SUSE-SU-2026:2641-1 Security update for apache2
This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: - CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. - CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. - CVE-2026-28780: heap buffer overflow in...
ROS-20260626-73-0010
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2026-52242
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the thunderbolt component where the tb xdomain copy function copies req-response size bytes from the received packet buffer without considering the actual frame size. ...
USN-8468-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain images when using the wavelet-denoise operator. An attacker could possibly use this issue to trigger a heap buffer over-read, resulting in information disclosure. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22....
FreeBSD : nginx -- multiple vulnerabilities (46b654f8-6b28-11f1-b8e5-3497f65b111b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 46b654f8-6b28-11f1-b8e5-3497f65b111b advisory. The nginx developers report: A heap memory buffer overflow vulnerability when using the...
ROS-20260615-73-0034
The vulnerability of the freerdpbitmapdecompressplanar function in the RDP client FreeRDP is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
SUSE SLES15 Security Update : nginx (SUSE-SU-2026:2370-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2370-1 advisory. This update for nginx fixes the following issues - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a...