5257 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-50648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network. CVE-2026-50648 Note that...
Linux Distros Unpatched Vulnerability : CVE-2026-56135
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - ntfs-3g - None Ubuntu Linux - In NTFS-3G through 2026.2.25, a heap-based buffer overflow exists in the function buildinheritedid in...
Linux Distros Unpatched Vulnerability : CVE-2026-50526
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper link resolution before file access 'link following' in .NET allows an authorized attacker to perform tampering locally. CVE-2026-50526 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2026-15768
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-15775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page...
CVE-2026-10846
A flaw was found in ldns. When applications use ldns as a resolver over User Datagram Protocol UDP, it fails to properly match the query's destination address and port with the response's source address and port. Additionally, the query ID and question are not matched with the response. This...
CVE-2026-39244
A flaw was found in adm-zip. A remote attacker can exploit this vulnerability by providing a specially crafted ZIP file. The file's header can be manipulated to declare an extremely large uncompressed size, causing the application to allocate an excessive amount of memory. This excessive memory...
Linux Distros Unpatched Vulnerability : CVE-2026-15713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libsoup's HTTP/2 protocol implementation. The library fails to correctly release memory context blocks under specific stream...
CVE-2026-14685
A flaw was found in HdrHistogram. A local attacker could exploit this vulnerability by manipulating the 'Count' argument within the recordValueWithCount function. This manipulation leads to a state issue, which could impact the integrity of data processing within the affected component. Mitigatio...
CVE-2026-15538
A flaw was found in PrimeFaces PrimeReact. A remote attacker can exploit a weakness in the ObjectUtils.mutateFieldData function within the component API. This allows for the improper modification of object prototype attributes, potentially leading to unexpected behavior or further attacks. This...
RHSA-2026:38503 Red Hat Security Advisory: openssl security update
Bulletin has no description...
CVE-2026-52761
A flaw was found in ModSecurity, an open-source web application firewall WAF. The t:utf8toUnicode transformation function, responsible for converting UTF-8 encoded characters to Unicode, generates incorrect output on i386 architectures. This vulnerability allows an attacker to bypass WAF rules,...
Linux Distros Unpatched Vulnerability : CVE-2026-15276
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes...
CVE-2026-57156
A flaw was found in FreeRDP clients. A remote attacker, acting as a malicious Remote Desktop Protocol RDP peer, could exploit an integer overflow vulnerability. This overflow occurs when the client processes a specially crafted RDP message, leading to the allocation of an undersized memory buffer...
DEBIAN-CVE-2026-45309
Bulletin has no description...
CVE-2026-53877
A flaw was found in Django. Instantiating django.contrib.gis.gdal.GDALRaster with a bytes object representing a raster file can trigger a heap buffer over-read in the vsibuffer property, reading roughly 32 bytes past the end of the allocated buffer. An attacker who can supply crafted raster data...
CVE-2026-48588
A flaw was found in Django. When django.middleware.cache.UpdateCacheMiddleware or django.views.decorators.cache.cachepage is in use, responses that set a cookie are not excluded from caching if the request includes any cookie, even when that cookie is unrelated to the response for example, a...
CVE-2026-59938
A flaw was found in pypdf, a free and open-source pure-python PDF library. An attacker can exploit this vulnerability by crafting a malicious PDF file with image size values that are significantly larger than the actual embedded image data, causing pypdf to allocate large amounts of memory when...
MINI-Q3MM-J367-6J2C
Bulletin has no description...
CVE-2026-40898
A flaw was found in quic-go, an implementation of the QUIC protocol in Go. A remote attacker can exploit this by sending specially crafted HTTP/3 trailer fields. This can cause the system to allocate excessive memory, leading to a denial-of-service DoS condition where the affected server or clien...