34 matches found
CVE-2026-46055
A flaw was found in the AppArmor security module of the Linux kernel. A missing string termination in the aa_dfa_match function can lead to a string buffer overrun. This vulnerability could allow a local attacker to cause a denial of service (DoS) or potentially disclose sensitive information due to ...
CLSA-2026-1778111838 httpd: Fix of 9 CVEs
CVE-2026-24072: fix mod_rewrite ap_expr privilege escalation in htaccess - CVE-2026-28780: fix mod_proxy_ajp ajp_msg_check_header buffer over-read - CVE-2026-29169: fix mod_dav_lock NULL pointer dereference - CVE-2026-33006: fix mod_auth_digest timing attack - CVE-2026-33007: fix mod_authn_socache NULL...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fixed strbuf array overflow issue. The values of the variables xres and yres are stored in strbuf. These variables are derived from strbuf1. The strbuf1 array contains digit characters; if the array contains non-dig...
CLSA-2026-1776687226 Fix CVE(s): CVE-2024-52005
SECURITY UPDATE: ANSI escape sequence injection via sideband - debian/patches/CVE-2024-52005.patch: add strbuf_add_sanitized to mask control characters in sideband output in sideband.c. - CVE-2024-52005...
CVE-2026-40489
editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ec_glob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...
MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.322.b06-2.el8 (AXSA:2022-3023:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3023:02 advisory. OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) OpenJDK: Insufficient URI checks in t...
EUVD-2023-34071
Malicious code in bioql PyPI...
kernel: tipc: guard against string buffer overrun
No description is available for this CVE...
Important: kernel-livepatch-4.14.355-275.582
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun (CVE-2024-49995) In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing (CVE-2024-50279)...
Linux Distros Unpatched Vulnerability : CVE-2024-49995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun Smatch reports that copying media_name and if_name t...
SUSE-SU-2024:4397-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). - CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479). - CVE-2024-5306...
tipc: guard against string buffer overrun
...
WeeChat security vulnerability
WeeChat is an extensible live chat client application from the WeeChat open source. A security vulnerability exists in WeeChat versions prior to 4.4.2, which stems from an integer overflow at core/core-string.c, which causes a buffer overflow when the list of items exceeds two billion...
SUSE CVE-2024-50180
In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yres are placed in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters and a space if the array contains...
CVE-2024-49995
A string buffer over-run was found in the Linux kernel. Copying media_name and if_name to name_parts may overwrite the destination, resulting in a software crash. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security...
CVE-2024-49995
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-49995
...
CVE-2024-49995
CVE-2024-49995 affects Linux kernels and is described as a string buffer overrun in the TIPC subsystem. Public advisories (e.g., Siemens/ICS, CISA, and Amazon Linux livepatch notes) identify the issue as resolved by updating to patched kernel versions or applying kernel livepatches (e.g., 4.14.35...
GLSA-202209-02 : IBM Spectrum Protect: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202209-02 IBM Spectrum Protect: Multiple Vulnerabilities - IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale...