112 matches found
UBUNTU-CVE-2026-34000
A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...
GHSA-VC68-257W-M432 OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size (undo_pxr24_impl)
Summary: The PXR24 decompression function undo_pxr24_impl in OpenEXR internal_pxr24.c ignores the actual decompressed size outSize returned by exr_uncompress_buffer and instead reads from the scratch buffer based solely on the expected size uncompressed_size derived from the header metadata. Additionall...
SUSE-SU-2026:20903-1 Security update for libjxl
This update for libjxl fixes the following issues: Update to libjxl 0.11.2: - CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory (bsc#1258090). - CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to...
CVE-2025-12474
The CVE describes a vulnerability in libjxl where a specially crafted file can cause the decoder to read pixel data from uninitialized memory, due to referencing an outside-image-bound area in later patches and an optimization that omits populating those areas. Several connected advisories confir...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unverified packet length that could result in reading uninitialized memory...
CVE-2025-14847
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3,...
EUVD-2015-7701
Malware in sbrugna...
EUVD-2015-8272
Malware in sbrugna...
EUVD-2008-0608
Malware in sbrugna...
EUVD-2022-0694
Malicious code in bioql PyPI...
EUVD-2025-29249
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-53165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code woul...
GHSA-CVMJ-47V9-35M9 FUSE-Rust: Uninitialized memory read and leak caused by fuser crate
During the creation of a new libfuse session with fuse_session_new, the operation list was passed as NULL incorrectly. libfuse expects this argument to always point to a list of operations. This caused uninitialized memory read and leaks in libfuse.so...
USN-7422-1 fis-gtm vulnerabilities
It was discovered that FIS-GT.M could incorrectly dereference memory in certain instances. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. CVE-2021-44492, CVE-2021-44498, CVE-2021-44508 It was discovered that FIS-GT.M could perform a divisio...
RHEL 7 : optipng (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - optipng: heap buffer overflow in the bmp_read_rows function (CVE-2016-3981) - optipng: heap buffer overflow i...
GLSA-202310-03 : glibc: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202310-03 (glibc: Multiple vulnerabilities) - An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and...
Medium: glib2
Issue Overview: Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular...
Amazon Linux AMI : pcre (ALAS-2023-1767)
The version of pcre installed on the remote host is prior to 8.21-7.9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1767 advisory. Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to...
Medium: pcre
Issue Overview: Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular...
Medium: pcre
Issue Overview: PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...