8943 matches found
EUVD-2026-45140
Unsigned to Signed Conversion Error CWE-196 vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of adjacent memory...
CVE-2026-58317
The vulnerability CVE-2026-58317 affects the TTSSH2 plugin used by Tera Term. It is described as an Unsigned to Signed Conversion Error (CWE-196) that can occur when Tera Term connects to a server controlled by an attacker. The issue may trigger an out-of-bounds read/write, potentially causing ad...
CVE-2026-60060
Improper Handling of Length Parameter Inconsistency CWE-130 vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of...
EUVD-2026-45139
Improper Handling of Length Parameter Inconsistency CWE-130 vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of...
CVE-2026-60073
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
EUVD-2026-45036
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
CVE-2026-60073
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
CVE-2026-60073 AutomationDirect Productivity Suite Out-of-bounds Read
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
CVE-2026-60073
The CVE-2026-60073 entry concerns the AutomationDirect Productivity Suite. Affected component: Productivity Suite; vulnerability type: out-of-bounds read. Root cause: an out-of-bounds read allows a physical attacker to influence the length of data sent to a USB device, enabling potential system i...
CVE-2026-10588
Technical details (affected products/components/root cause/fix) are not provided in the supplied documents. Monitor Lenovo advisories and CVE records for updates.
CVE-2026-10588
A potential vulnerability could allow a local privileged attacker to disclose the address of protected System Management Mode memory...
CVE-2026-43740
A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger a use-after-free due to improper memory handling, leading to disclosure of process memory...
CVE-2026-54058
A flaw was found in Pillow prior to 12.3.0. When an uncompressed McIdas AREA image is loaded from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width. Pixel access such as Image.tobytes, getpixel, convert, or save ca...
Linux Distros Unpatched Vulnerability : CVE-2026-54058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. Prior to 12.3.0, when Pillow loads an uncompressed McIdas AREA image from a filename through the mmap raw codec path,...
CVE-2026-40956
CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...
CVE-2026-40956 Memory disclosure in Secure Access Clients
CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...
CVE-2026-40956
CVE-2026-40956 is a memory-disclosure vulnerability in Secure Access client versions prior to 14.55. According to connected records, attackers who have intimate knowledge and total control over the tunnel protocol can cause a small amount of random memory to leak. The CVSS v4.0 score is 2.1 (LOW)...
EUVD-2026-44790
CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...
CVE-2026-40956
CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...
CVE-2026-60005
NGINX Plus and NGINX Open Source are affected by a vulnerability in the ngx_http_slice_module. When the slice directive and unnamed regex captures are configured, or during a background cache update, unauthenticated remote attackers can trigger uninitialized memory access in the worker process, p...