468 matches found
CVE-2026-44042 UltraVNC repeater wi_uudecode off-by-one in base64 decode boundary check
UltraVNC repeater through 1.8.2.2 contains an off-by-one error in the Base64 decode helper used for HTTP Basic authentication. In repeater/webgui/webutils.c:817, the wiuudecode function checks whether the input length exceeds the output buffer with a strict greater-than comparison , while the...
Linux Distros Unpatched Vulnerability : CVE-2026-53148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without...
CVE-2026-10512
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
EUVD-2026-38389
MessagePack-CSharp: Denial of service vulnerabilities can swamp the CPU or crash the process with stack and heap overflows...
Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3373 (ALAS-2026-3373)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3373 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions...
Astra Linux – Vulnerability in edk2
EDK2 is vulnerable to a vulnerability in the CreateHob function, which allows a user to trigger an integer overflow that leads to a buffer overflow through a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed the bulk-buffer overflow issue. The driver uses buffers sized equal to the endpoint size, but it should not assume that the tx and rx buffers have the same size. A malicious device could cause the...
Astra Linux – Vulnerability in imagemagick
In the IntensityCompare function in /magick/quantize.c, there are calls to PixelPacketIntensity, which may return overflowing values to the caller when ImageMagick processes a crafted input file. To address this issue, the patch introduces and utilizes the ConstrainPixelIntensity function. This...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124 – Fixed a potential overflow issue due to non-sequential channel numbers. Channel numbering must start at 0, and there should be no gaps between channels. Otherwise, it’s possible to exceed the available storage...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: zynqmpdma: In struct zynqmpdmachan, the descsize data type was fixed. In the zynqmpdmaalloc/freechanresources functions, there is a potential overflow in the following expressions: dmaalloccoherentchan-dev, 2...
ROS-20260611-73-0004
The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory, due to incorrect encoding based on the Base64 standard. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
CVE-2026-48734
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...
ImageMagick 安全漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 6.9.13-49 and 7.1.2-24 contained security vulnerabilities. These vulnerabilities were due ...
Kanidm 安全漏洞
Kanidm is a simple and secure identity management platform developed by Kanidm itself. Versions of Kanidm prior to 1.9.3 contained security vulnerabilities. These vulnerabilities were caused by the recursive descent PEG parser in SCIM endpoints, which led to a stack overflow when processing neste...
EulerOS 2.0 SP11 : ncurses (EulerOS-SA-2026-2255)
According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyzestring in progs/infocmp.c.CVE-2025-69720...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
CVE-2026-10719 Open Seachest/Seachest NVMe show Format Descriptors Vulnerability
Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte...
CVE-2026-45681 OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. If a CPU mismatch occurs, OBI can...
SUSE CVE-2026-46217
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
A race condition was detected in the Linux kernel’s media/xc4000 device driver, specifically in the xc4000getfrequency function. This can lead to a return value overflow issue, potentially causing malfunctions or denial-of-service problems...