Siemens RUGGEDCOM RST2428P Out-of-bounds Write (CVE-2026-1489)

A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds write...

CVE-2026-7383

A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application ...

Linux Distros Unpatched Vulnerability : CVE-2026-7383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact...

ALPINE-CVE-2026-7383

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

EulerOS Virtualization 2.13.0 : glib2 (EulerOS-SA-2026-2165)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory...

EulerOS Virtualization 2.13.1 : glib2 (EulerOS-SA-2026-2126)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory...

EulerOS Virtualization 2.10.1 : glib2 (EulerOS-SA-2026-2019)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types...

Linux Distros Unpatched Vulnerability : CVE-2026-39824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number o...

CLSA-2026-1778492641 perl: Fix of 2 CVEs

CVE-2023-47038: fix write past buffer end via illegal user-defined Unicode property, for almalinux9.2esu - CVE-2025-40909: clone dirhandles without fchdir, for almalinux9.2esu...

CLSA-2026-1774363216 vim: Fix of 3 CVEs

CVE-2026-28420: fix heap-buffer-overflow in :terminal when processing Unicode combining characters from supplementary planes - CVE-2026-28418: fix OOB read in Emacs tags parsing with overlong tag file - CVE-2026-28419: fix heap-buffer-underflow in Emacs tags parsing when delimiter appears at...

Security update for glib2

This update for glib2 fixes the following issues: CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing bsc1257354. CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encodi...

MiracleLinux 8 : nodejs:10 (AXSA:2020-281:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-281:01 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : icu-60.3-2.el8 (AXSA:2020-131:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-131:03 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 4 : firefox-60.3.0-1.0.1.AXS4 (AXSA:2018-3377:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3377:08 advisory. Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 CVE-2018-12390 Mozilla: Crash with nested event loops CVE-2018-12392 Mozilla:...

CVE-2026-21491

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

CVE-2026-21491 iccDEV has unicode buffer overflow in CIccTagTextDescription

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

CVE-2026-21491

CVE-2026-21491 affects iccDEV libraries prior to version 2.3.1.2. The vulnerability is a Unicode buffer overflow in CIccTagTextDescription when processing ICC color profiles. Version 2.3.1.2 contains a patch; no workarounds are noted in the provided documents. Remediate by upgrading to 2.3.1.2 or...

CVE-2010-20042

Xion Audio Player versions 1.0.126 and prior are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler SEH chain, allowing an attacker to hijack...

XAMPPv3.3.0-BOF

XAMPPv3.3.0-BOF Proof-of-Concept exploit code for XAMPP v3.3.0...

ICU: Integer overflow in UnicodeString::doAppend()

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...