430 matches found
CVE-2026-42946
A vulnerability CVE-2026-42946 affects the NGINX ngx_http_scgi_module and ngx_http_uwsgi_module. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with MITM control over upstream responses may trigger excessive memory allocation or an out-of-bounds read in the NGINX worker, ...
PT-2026-40682
Name of the Vulnerable Software and Affected Versions NGINX affected versions not specified Description An issue in the ngx http scgi module and ngx http uwsgi module modules can lead to excessive memory allocation or an over-read of data. When scgi pass or uwsgi pass is configured, an...
ROS-20260512-73-0010
Vulnerability in beats related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to cause a denial of service...
SUSE SLES15 Security Update : nginx (SUSE-SU-2026:1761-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1761-1 advisory. - CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. -...
EUVD-2026-28634
In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...
Security update for nginx
This update for nginx fixes the following issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...
CVE-2026-34032
Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...
JLSEC-2026-300
HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...
ovn: ovn: Heap Over-Read in ICMP Error Response Generation
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...
CVE-2026-41677
A flaw was found in rust-openssl, a library that provides OpenSSL functionalities for Rust applications. The library's password callback functions did not correctly check the size of data provided by a user's callback. This oversight could allow a specially crafted password callback to read beyon...
The vulnerability of the shared_cpu_map function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the sharedcpumap function in the Linux operating system relates to reading memory beyond the allocated buffer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the jv_parse_sized() function in the programming language jq, which allows a hacker to trigger a denial-of-service attack.
The vulnerability of the jvparsesized function in the programming language jq is related to reading data beyond the allowable range of memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
CVE-2026-3055 - Security Vulnerability Severity: N/A CV...
nginx 1.1.19 < 1.28.3 / 1.29.x < 1.29.7 Multiple Vulnerabilities in ngx_http_mp4_module
The installed version of nginx is 1.1.19 prior to 1.28.3, or 1.29.x prior to 1.29.7. It is, therefore, affected by multiple vulnerabilities : - The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-wri...
ROS-20260414-73-0058
A vulnerability in the ieee80211rxhaction function in the net/mac80211/rx.c module of the mac80211 stack implementation of the Linux operating system kernel is related to memory reads outside of the allocated buffer. Exploitation of the vulnerability may allow an intruder to affect confidentialit...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006761)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006761 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
CVE-2026-3055 NetScaler SAML IdP check Python helper to probe...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
🔍 CVE-2026-3055 Scanner - NetScaler Memory Overread Detection...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
🔓 CVE-2026-3055 - Citrix NetScaler Memory Overread Exploit !...
Citrix NetScaler SAML IDP - Memory Overread
NetScaler ADC and NetScaler Gateway contain an insufficient input validation vulnerability when configured as a SAML IDP, leading to memory overread, letting attackers potentially access sensitive memory, exploit requires configuration as SAML IDP id: CVE-2026-3055 info: name: Citrix NetScaler SA...