Lucene search
K

556 matches found

The Hacker News
The Hacker News
added 2 days ago10 views

U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support

The U.S. Treasury Department's Office of Foreign Assets Control OFAC has designated two individuals and a VPN service provider for enabling ransomware actors' and other cybercriminals' malicious activities, including ransomware attacks against Americans. The VPN, named First VPN Service 1VPNS, ha...

10CVSS7AI score0.9951EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-58073

Name of the Vulnerable Software and Affected Versions FortiSandbox versions 5.0.0 through 5.0.2 FortiSandbox versions 4.4.3 through 4.4.8 Description An exposure of resource to wrong sphere issue allows an unauthenticated attacker to access the VNC server of virtual machines performing scanning v...

8.6CVSS6.1AI score0.00442EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 6 days ago6 views

RockyLinux 8 : gstreamer1-plugins-bad-free (RLSA-2026:37130)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:37130 advisory. gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb CVE-2026-52720 gstreamer1-plugins-bad-free:...

8.8CVSS7.1AI score0.0053EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 8:54 p.m.5 views

gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.6AI score0.0053EPSS
Exploits0References5
Fedora
Fedora
added 2026/06/27 12:56 a.m.6 views

[SECURITY] Fedora 43 Update: tigervnc-1.16.2-4.fc43

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

9.1CVSS6.8AI score0.00489EPSS
Exploits0
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52940

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 7:14 a.m.18 views

EUVD-2026-38710

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.8AI score0.00112EPSS
Exploits0References3
Fedora
Fedora
added 2026/06/24 1:30 a.m.5 views

[SECURITY] Fedora 44 Update: grout-0.16.0-1.fc44

grout stands for Graph Router. In English, "grout" refers to thin mortar that hardens to fill gaps between tiles. grout is a DPDK based network processing application. It uses the rtegraph library for data path processing. Its main purpose is to simulate a network function or a physical router fo...

7.5CVSS5.8AI score0.00389EPSS
Exploits0
Fedora
Fedora
added 2026/06/23 1:9 a.m.6 views

[SECURITY] Fedora 44 Update: tigervnc-1.16.2-4.fc44

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

9.1CVSS6.8AI score0.00489EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/20 12:28 a.m.10 views

kernel: bnxt_en: Fix RSS context delete logic

A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...

7.8CVSS7AI score0.00138EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/18 1:53 a.m.6 views

SUSE CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.5AI score0.0053EPSS
Exploits0References3
OSV
OSV
added 2026/06/17 8:37 a.m.4 views

OPENSUSE-SU-2026:20972-1 Security update for openvswitch

This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498. - CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing bsc1262499. - CVE-2026-34956: Invalid memory access in conntrack FTP alg bsc1261273. Changes for...

8.6CVSS6.1AI score0.00868EPSS
Exploits0References6
OSV
OSV
added 2026/06/15 8:16 p.m.6 views

DEBIAN-CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 8:16 p.m.11 views

CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS0.0053EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/15 7:15 p.m.7 views

CVE-2026-52720 Gstreamer1-plugins-bad-free: gstreamer: heap buffer overflow via crafted vnc server rectangle in librfb

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References6
CVE
CVE
added 2026/06/15 7:15 p.m.48 views

CVE-2026-52720

GStreamer: librfb (RFB/VNC client) is affected by a heap buffer overflow caused by improper bounds checking of rectangle dimensions, allowing a malicious VNC server to send a rectangle extending beyond the framebuffer. This can lead to an out-of-bounds heap write and, per the report, potential co...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/15 7:15 p.m.10 views

CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6AI score0.0053EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 10:49 p.m.4 views

CVE-2026-46433 lldpd: Heap OOB Read in VLAN Decapsulation memmove

lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove to shift the frame payload 4 bytes left. The third argument byte count is s - 2 ETHERADDRLEN but should be s - 2...

6.5CVSS6AI score0.00225EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

RHEL 10 : ovn25.03 (RHSA-2026:22110)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22110 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.7AI score0.00868EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

RHEL 9 : tigervnc (RHSA-2026:22424)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22424 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

9.8CVSS5.7AI score0.00489EPSS
Exploits0References14
Rows per page
Query Builder