CVE-2026-9754

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

UBUNTU-CVE-2026-9754

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from...

JLSEC-2026-569

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability...

PT-2026-49252

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability...

CVE-2026-48840

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client...

CVE-2026-46132

A flaw was found in the Linux kernel's rtnetlink component. The rtnlfillvfinfo function declares a structure on the stack without full initialization. When processing RTMGETLINK requests with a specific attribute, an unprivileged local process can exploit this to read up to 26 bytes of...

EUVD-2026-12586

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of open-source connection tools developed by OpenBSD in Canada for secure access to remote computers. This tool is an open-source implementation of the SSH protocol, supporting encryption of all transmissions. It effectively prevents eavesdropping, connection...

CVE-2026-24798 An Uninitialized stack variable vulnerability in GaijinEntertainment/DagorEngine

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor20250115...

CVE-2026-24798 An Uninitialized stack variable vulnerability in GaijinEntertainment/DagorEngine

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor20250115...

CVE-2026-24798

CVE-2026-24798 concerns an improper restriction of operations within the bounds of a memory buffer tied to GaijinEntertainment’s DagorEngine (and related 3rd‑party modules such as miniupnpc). Connected sources indicate affected software/versions include DagorEngine up to dagor_2025_01_15, Cardboa...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001244 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...

MiracleLinux 7 : qemu-kvm-1.5.3-167.el7 (AXSA:2019-4177:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4177:04 advisory. QEMU: Slirp: information leakage in tcpemu due to uninitialized stack variables CVE-2019-9824 Tenable has extracted the preceding description block directly...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003203)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003203 advisory. The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002809)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002809 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002950)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002950 advisory. The rawsendmsg function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet-hdrincl that leads to uninitialized stack pointer usage; th...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002584)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002584 advisory. The rawsendmsg function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet-hdrincl that leads to uninitialized stack pointer usage; th...

MiracleLinux 8 : rsync-3.1.3-20.el8_10 (AXSA:2025-9543:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9543:02 advisory. rsync: Info Leak via Uninitialized Stack Contents CVE-2024-12085 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

CVE-2020-24753

A memory corruption vulnerability in Objective Open CBOR Run-time oocborrt in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation CBOR input to the cbor2json decoder. An uncaught error while decoding CBOR Major Type 3 text strings...