ROS-20260609-73-0009

The vulnerability of the ngxhttpsslmodule module in NGINX Plus and NGINX Open Source web servers is related to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and accessibility of protected information...

PT-2026-48259

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions prior to 26.001.21652 Description An out-of-bounds read issue exists where the software reads data outside the intended buffer in memory. This can lead to the disclosure of sensitive memory information. Exploitation...

PT-2026-48257

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the annotation component, which occurs when a program continues to use a pointer after it has been freed, potentially leading to the...

FreeBSD -- Arm CPU errata may bypass page table permission changes

Problem Description: Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If one CPU stores to a virtual address while another CPU invalidates the translation for that address, the second CPU's TLBI+DSB may complete before the first CPU's store has be...

RHEL 10 : thunderbird (RHSA-2026:24719)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24719 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox E...

EulerOS 2.0 SP11 : mesa (EulerOS-SA-2026-2254)

According to the versions of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an...

EulerOS 2.0 SP11 : mesa (EulerOS-SA-2026-2217)

According to the versions of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an...

ASP non-Coherent Memory Access

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54509| Improper access control for register interface in the input-output memory management unit IOMMU could allow a privileged attacker to cause non-coherent accesses by the AMD Secure...

AMD uProf Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0466| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

APSB26-62 : Security update available for Adobe Dreamweaver

Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution, memory exposure, and arbitrary file system read...

CVE-2026-36821

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

EulerOS 2.0 SP11 : libsoup (EulerOS-SA-2026-2213)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in th...

Linux Distros Unpatched Vulnerability : CVE-2026-46325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different fr...

PT-2026-48304

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

PT-2026-48217

Name of the Vulnerable Software and Affected Versions SQLite versions prior to 3.53.2 Description Memory corruption issues exist in the FTS5 full-text search extension. An attacker can cause process crashes, memory exhaustion, or arbitrary code execution by providing a crafted database containing...

MemVenom: Triggered Poisoning of Multimodal Memories in Web Agents

External memory has become a core component of modern web agents, enabling long-horizon reasoning through the retrieval of past experiences. However, this paradigm introduces a critical vulnerability: malicious content injected into memory can be persistently recalled and repeatedly influence age...

PT-2026-47781

A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the create masked entry string function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged...

RHEL 9 : thunderbird (RHSA-2026:24721)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24721 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ES...

PT-2026-47783

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE SIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGE SIZE. The core issue is that rxe set page is call...

ROS-20260609-73-0038

The vulnerability in Thunderbird is related to an operation that goes beyond the buffer boundaries in memory. Exploitation of this vulnerability can be carried out remotely...