91211 matches found
BELL-CVE-2026-53351 CVE-2026-53351 does not affect BellSoft software
Bulletin has no description...
DEBIAN-CVE-2026-14355
In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...
DEBIAN-CVE-2026-14604
A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...
CGA-HFHH-VC5H-3M53
Bulletin has no description...
CGA-PG8R-8M63-V32P
Bulletin has no description...
CGA-8349-J6V3-QW75
Bulletin has no description...
CGA-V75M-8572-4J65
Bulletin has no description...
CGA-C9GM-Q3XM-PG2P
Bulletin has no description...
CGA-WMWR-29MF-6427
Bulletin has no description...
CGA-3M4Q-6RQR-JXRW
Bulletin has no description...
CGA-5Q9R-44PM-G2Q2
Bulletin has no description...
DEBIAN-CVE-2026-8804
Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...
DEBIAN-CVE-2026-14544
A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...
CGA-CWXR-C5VF-P22P
Bulletin has no description...
DEBIAN-CVE-2026-8925
The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the same pointer twice...
DEBIAN-CVE-2026-11352
An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, a connected QUIC peer can...
DEBIAN-CVE-2026-11856
Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...
DEBIAN-CVE-2026-11586
By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...
ECHO-D96B-E170-7D9F
Bulletin has no description...
ECHO-B241-5686-39E3
Bulletin has no description...