56 matches found
SUSE-SU-2026:2759-1 Security update for apache2
This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XSS bsc1267977. - CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. - CVE-2026-34356: malicious backend servers can lead to a heap-based buffer...
CVE-2026-53241
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA sequencer dummy port. This vulnerability arises from a stack overread when processing Universal MIDI Packet UMP events, where the system attempts to copy a UMP-sized packet into a smaller, legacy-sized stack storage. Th...
SUSE CVE-2026-53241
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...
CVE-2026-53241
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...
CVE-2026-53241
Summary: CVE-2026-53241 affects the Linux kernel ALSA sequencer dummy port. A local attacker could trigger a stack overread when handling Universal MIDI Packet (UMP) events due to copying a UMP-sized packet into legacy stack storage, leaving the UMP data truncated. The root cause is the dummy cli...
CVE-2026-53241
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...
CVE-2026-53241
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...
PT-2026-52336
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA dummy sequencer port where events are forwarded by copying an incoming struct snd seq event into a stack temporary. Because the legacy event storage is smalle...
Unity Linux 20.1060e / 20.1070e Security Update: aspell (UTSA-2026-017553)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017553 advisory. libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character. Tenable has...
Linux Distros Unpatched Vulnerability : CVE-2026-5772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY...
MiracleLinux 9 : file-5.39-16.el9 (AXSA:2024-7765:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7765:01 advisory. file: stack-based buffer over-read in filecopystr in funcs.c CVE-2022-48554 Tenable has extracted the preceding description block directly from the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992573)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992573 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet...
Astra Linux - уязвимость в curl
libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...
Linux Distros Unpatched Vulnerability : CVE-2018-20456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asmx86nz.c may allow attackers to cause a denial of service application crash in...
Linux Distros Unpatched Vulnerability : CVE-2023-38667
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service. CVE-2023-38667 Note that Nessus relies on the presen...
Linux Distros Unpatched Vulnerability : CVE-2019-20017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer over-read was discovered in MatVarReadNextInfo5 in mat5.c in matio 1.5.17. CVE-2019-20017 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2019-9033
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read for the Rank and Dimension feature in th...
Linux Distros Unpatched Vulnerability : CVE-2019-9030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read in MatVarReadNextInfo5 in mat5.c...
UBUNTU-CVE-2024-30166
In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read of less than 256 bytes in a TLS 1.3 server via a TLS 3.1 ClientHello...
AZL-28055 CVE-2022-48554 affecting package file for versions less than 5.40-3
File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project...