138 matches found
EUVD-2026-39455
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...
PT-2026-52504
Name of the Vulnerable Software and Affected Versions socat versions 1.8.0.0 through 1.8.1.1 Description A heap-based buffer overflow exists in the SOCKS5 DOMAINNAME reply parser during proxy connection setup. The issue stems from a sign-extension flaw where the domain name length byte is read as...
CVE-2026-53423
Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membranemp4plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.toatom/1 without validation...
SUSE-SU-2026:2324-1 Security update for perl-XML-LibXML
This update for perl-XML-LibXML fixes the following issue - CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences bsc1264715...
Amazon Linux 2023 : perl-XML-LibXML, perl-XML-LibXML-tests (ALAS2023-2026-1795)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1795 advisory. XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8...
Medium: perl-XML-LibXML
Issue Overview: XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adjace...
BIT-GOLANG-2026-27145 Inefficient candidate hostname parsing in crypto/x509
x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...
Security update for ovmf (important)
openSUSE security update: security update for ovmf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20875-1 Rating: important References: bsc1261469 bsc1261476 bsc1261477 bsc1261478 Cross-References: CVE-2026-25833 CVE-2026-25834 CVE-2026-25835...
SUSE-SU-2026:21981-1 Security update for ovmf
This update for ovmf fixes the following issues: - CVE-2026-25833: mbedtls: buffer overflow in the x509inetptonipv6 function bsc1261476. - CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello bsc1261477. - CVE-2026-25835: mbedtls: no...
ALSA-2026:20597 Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
CLSA-2026-1778938383 Fix CVE(s): CVE-2026-43964
SECURITY UPDATE: Fix buffer over-read in DSN code parsing dsnsplit - debian/patches/CVE-2026-43964.patch: Fix buffer over-read in DSN code parsing dsnsplit - CVE-2026-43964...
Updated perl-XML-LibXML packages fix security vulnerability
XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. CVE-2026-8177...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017568)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017568 advisory. A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of...
CVE-2026-8177
XML::LibXML for Perl versions up to 2.0210 parses XML node names containing truncated UTF-8 byte sequences, causing out-of-bounds reads in heap memory when a node name ends mid-multi-byte UTF-8. This can crash the Perl process and lead to denial of service. Evidence across multiple sources (NVD/S...
JLSEC-2026-263 Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file...
Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...
JLSEC-2026-172
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...
JLSEC-2026-171
A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...
wolfSSL(CyaSSL) 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. wolfSSL CyaSSL contains security vulnerabilities; these vulnerabilities stem from the parsing of URI names during certificate chain...
SUSE CVE-2026-34874
An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...
CVE-2026-34610
The CVE affects leancrypto's PQC-focused crypto library. Before 1.7.1, lc_x509_extract_name_segment() truncates size_t vlen to uint8_t for CN length, allowing an attacker to craft a certificate whose CN impersonates the victim’s CN during PKCS#7 verification, certificate chain matching, and code ...