134 matches found
EUVD-2026-26581
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spiread Add a DMA-safe buffer and use it for spiread instead of a stack memory. All SPI buffers must be DMA-safe. Since we only need up to 3 bytes, we just use a u8 instead of be16...
CVE-2026-42476
Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...
CVE-2026-41319 MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade
MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication...
Siemens RUGGEDCOM, SCALANCE and SIMATIC Out-of-bounds Read (CVE-2021-3712)
ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...
PT-2026-34620
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the from pem callback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2026-1536: Always validate the headers value when coming from untrusted source to avoid HTTP header injection. bsc1257440 CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow...
MiracleLinux 8 : openssl-1.1.1k-5.el8 (AXSA:2021-2837:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2837:06 advisory. openssl: Read buffer overruns processing ASN.1 strings CVE-2021-3712 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : openssl-3.0.1-47.el9 (AXSA:2023-5192:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5192:01 advisory. openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RSA Decryption implementation CVE-2022-4304...
CVE-2022-42385
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CLSA-2025-1766601879 gnutls: Fix of CVE-2025-32989
CVE-2025-32989: fix read buffer overrun in x509 SCT timestamps...
EUVD-2018-13106
Malware in sbrugna...
EUVD-2018-19166
Malware in sbrugna...
EUVD-2019-2173
Malware in sbrugna...
EUVD-2017-18109
Malware in sbrugna...
EUVD-2025-14391
Malicious code in bioql PyPI...
EUVD-2021-32691
Malicious code in bioql PyPI...
EUVD-2021-31288
Malicious code in bioql PyPI...
EUVD-2023-0809
Malicious code in bioql PyPI...
EUVD-2025-11208
Malicious code in bioql PyPI...
EUVD-2023-43325
Malicious code in bioql PyPI...