196 matches found
EUVD-2026-43006
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...
CVE-2026-10657 Out-of-bounds read in Zephyr DNS resolver mDNS suffix check (memcmp past string NUL)
Zephyr's DNS resolver detects mDNS .local queries in dnsresolvenameinternal subsys/net/lib/dns/resolve.c with memcmpstrrchrquery, '.', ".local", 7, which always reads a fixed 7 bytes from the suffix pointer. When the resolved hostname's final label is shorter than 7 bytes e.g. names ending in .or...
CVE-2026-7831
UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, when the server-supplied nameLength equals exactly 2024 the code declares a 2024-byte stack buffer dn2024 and calls ReadStringdn, 2024. ReadString...
Linux Distros Unpatched Vulnerability : CVE-2026-53023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...
CVE-2026-55654 Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...
CVE-2026-55654
CVE-2026-55654 describes a heap out-of-bounds read in OpenSSH during GSSAPI indicator cleanup when a trailing NULL termination is missing in the auth-indicators array. A remote attacker in configurations using GSSAPI authentication with Kerberos could trigger a crash/abort in the SSH authenticati...
CVE-2026-9265 Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print_attribute UTF8STRING path
Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...
EUVD-2026-38103
Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...
UBUNTU-CVE-2026-52859
Vim is an open source, command line text editor. Prior to version 9.2.0565, the updatesnapshot function in src/terminal.c copies the visible terminal screen into the scrollback buffer when a snapshot is taken. For each screen cell it walks the cell's chars array with no upper bound, stopping only...
Astra Linux – Vulnerability in netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling. This results in an overflow of the heap-based buffer when strchr is called, starting with a pointer after a '\0' character where the processing of th...
Astra Linux – Vulnerability in NTP
In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when a \0' character is added. An adversary may be able to attack a client ntpq process, but they cannot attack the ntpd process...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: fixed the potential out-of-bound write issue. The buffer is set to 20 characters. If a caller writes more characters, the count is truncated to the maximum available space in simplewritetobuffer. To prevent access by OoB...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: vpvdpa: fixed the issue where the idtable array was not terminated with a null terminator. Also, an additional virtiodeviceid was allocated as a null terminator. Otherwise, vdpamgmtdevgetclasses might iterate multiple times an...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Tracing: Consider the NULL character when validating the event length. strlen returns the length of a string excluding the null byte. If the string length equals the maximum buffer length, there will be no space left in the buffe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: Space is now reserved for null terminators in propertyEntry. The lists of struct propertyEntry are supposed to be terminated with an empty property. Currently, this driver seems to allocating exactly the amount of spa...
SUSE CVE-2026-43082
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...
CVE-2026-43082
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...
CVE-2026-43082
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...
CVE-2026-43082
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...