13 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-42859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An...
SUSE CVE-2026-42859
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...
CVE-2026-42859
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...
DEBIAN-CVE-2026-42859
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...
CVE-2026-42859
Neat VNC prior to 0.9.6 is affected by a pre-authentication stack buffer overflow in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted handshake (security type 5 or 129) with an oversized client RSA public key, causing ...
EUVD-2026-29167
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...
CVE-2026-42859
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...
CVE-2026-42859
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...
PT-2026-39714
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...
MAL-2026-2508 Malicious code in @fairwords/websocket (npm)
The @fairwords/websocket package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+ environment variabl...
CVE-2025-9513 editso fuso mod.rs PenetrateRsaAndAesHandshake inadequate encryption
A flaw has been found in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument privkey causes inadequate encryption strength. Remote exploitation of the attack is possible. A high...
FLASH zero-day Vulnerability CVE-2018-5002 in the Middle East directed network attacks exploit-vulnerability warning-the black bar safety net
! Recently, ICEBRG security research team SRT identified Adobe Flash 0 day Vulnerability CVE-2018-5002-directional network attack behavior, the 0-day vulnerability is an attacker for the Middle East region, important individuals and organizations of network penetration. An attacker use the...
PrisonLocker Ransomware Emerges From Criminal Underground
Security researchers from Malware Must Die uncovered new ransomware called PrisonLocker, and said the malware author is either a legitimate security researcher or is posing as one via a personal blog and Twitter handle. Malware Must Die has monitored PrisonLocker’s development since spotting it f...