94 matches found
Astra Linux – Vulnerability in Apache2
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch, especially when an extremely large input buffer is used. Although no code distributed with the server can be forced to make such a call, third-party modules or Lua scripts that us...
Updated libssh packages fix security vulnerabilities
CVE-2025-4877 Write beyond bounds in binary to base64 conversion functions CVE-2025-4878 Use of uninitialized variable in privatekeyfromfile CVE-2025-5318 Likely read beyond bounds in sftp server handle management CVE-2025-5351 Double free in functions exporting keys CVE-2025-5372 sshkdf returns ...
Advisory ROSA-SA-2026-3312
Software: ffmpeg 4.4.6 OS: ROSA-CHROME Unaffected versions: = ffmpeg-4.4.6-4 Affected versions: ffmpeg-4.4.6-4 CVE-ID: CVE-2026-40962 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability related to integer overflow in FFmpeg allows an attacker to execute write operations beyond the...
kernel: net: sched: act_csum: validate nested VLAN headers
A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...
libssh: libssh: Denial of Service due to malformed SFTP message
A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...
BIT-JAVA-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gstwavparsesmplchunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...
CVE-2026-34002
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
CVE-2026-41503
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...
CVE-2026-5367
CVE-2026-5367 : A flaw in OVN (Open Virtual Network) allows a remote attacker to trigger an out-of-bounds read in ovn-controller by sending crafted DHCPv6 SOLICIT packets with an inflated Client ID length. This can disclose sensitive heap memory to the attacker’s VM port. Connected sources consis...
UBUNTU-CVE-2026-34941
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...
PT-2026-31335
Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description Kibana’s Fleet plugin debug route handlers exhibit execution with unnecessary privileges, potentially allowing authenticated users with Fleet sub-feature privileges to read index data beyond...
DEBIAN-CVE-2026-28418
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...
UBUNTU-CVE-2026-28418
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...
PT-2026-22417
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0074 Description Vim, an open source command line text editor, has an issue where a heap-based buffer overflow out-of-bounds read can occur in the Emacs-style tags file parsing logic. Processing a specially crafted,...
kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usbparsessendpointcompanion function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...
UBUNTU-CVE-2025-55130
A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...
OESA-2026-1124 libpng security update
The libpng package contains libraries used by other programs for reading and writing PNG format files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems. Security Fixes: LIBPNG is a reference libra...
CVE-2025-48622
In ProcessArea of dngmiscopcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987395)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987395 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifswbufwritenolock Function ubifswbufwritenolock may access b...
CVE-2025-8959
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...