94 matches found
OPENSUSE-SU-2026:21218-1 Security update for perl-List-SomeUtils-XS
This update for perl-List-SomeUtils-XS fixes the following issue - CVE-2026-12844: heap buffer overflow in the pairwise function bsc1269210...
openSUSE 16 Security Update : perl-List-SomeUtils-XS (openSUSE-SU-2026:21218-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:21218-1 advisory. This update for perl-List-SomeUtils-XS fixes the following issue - CVE-2026-12844: heap buffer overflow in the pairwise function bsc1269210. Tenable has...
CVE-2026-12844
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
CVE-2026-12844
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
EUVD-2026-39444
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
CVE-2026-12844
CVE-2026-12844 affects List::SomeUtils::XS before 0.59 for Perl. The vulnerability is a heap buffer overflow in pairwise(), where the heap buffer is grown by a single quadrupling (alloc <
CVE-2026-12844 List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
CVE-2026-12844 List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
PT-2026-52461
Name of the Vulnerable Software and Affected Versions List::SomeUtils::XS versions prior to 0.59 Description A heap buffer overflow exists in the pairwise function. The function collects values returned by a block into a heap buffer sized according to the longer input array. When the buffer needs...
Revisiting Vul-RAG: Reproducibility and Replicability of RAG-Based Vulnerability Detection with Open-Weight Models
Large language models LLMs have shown strong potential for automated software vulnerability detection, particularly in retrieval-augmented generation RAG settings. However, for approaches relying on proprietary models and APIs, reproducibility and replicability remain largely unexplored, raising...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: In brcmfmac, cfg80211: Handle PMKSA deletion based on the SSID. wpasupplicant 2.11 sends commands for PMKSA flush based on the SSID from version 1efdba5fdc2c statement: “Handle PMKSA flush in the driver for SAE/OWE offlo...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: The PMK parameter is now passed as binary data, rather than hexadecimal data. It appears that the hexadecimal passphrase mechanism does not work on newer chips/firmwares e.g., BCM4387. There was actually...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013789)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013789 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase...
AEGIS: From Clues to Verdicts -- Graph-Guided Deep Vulnerability Reasoning Via Dialectics and Meta-Auditing
Large Language Models LLMs are increasingly adopted for vulnerability detection, yet their reasoning remains fundamentally unsound. We identify a root cause shared by both major mitigation paradigms agent-based debate and retrieval augmentation: reasoning in an ungrounded deliberative space that...
CVE-2026-26007
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...
CVE-2019-12587
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...
Linux Distros Unpatched Vulnerability : CVE-2023-53715
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It...
DEBIAN-CVE-2023-53715
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
CVE-2023-53715 wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...
CVE-2023-53715 wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...