160 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-14305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory write flaw was found in how the Linux kernel's Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port...
The vulnerability of the reiserfs loader component in the Grub2 operating system, which allows a hacker to cause a service failure
The vulnerability of the reiserfs driver in operating systems like Grub relates to writing beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a system failure...
Alibaba Cloud Linux 3 : 0041: tigervnc (ALINUX3-SA-2025:0041)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0041 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-26594: A use-after-free flaw was...
Amazon Linux 2 : xorg-x11-server (ALAS-2025-2791)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2791 advisory. A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to free...
Azure Linux 3.0 Security Update: unixODBC (CVE-2024-1013)
The version of unixODBC installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1013 advisory. - An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 byte...
AZL-57327 CVE-2025-26598 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-1
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching...
CVE-2025-26598
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching...
CVE-2025-26598
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching...
CVE-2025-26598
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching...
Security Bulletin: Vulnerabilities in shim library (CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551) affect Power HMC.
Summary The shim library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-40546 DESCRIPTION: rhboot shim is vulnerable to a denial of service, caused by a NULL pointer dereference f;aw in the mirroroneesl function in...
CVE-2021-26344
An out of bounds memory write when processing the AMD PSP1 Configuration Block APCB could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution...
squid: Out-of-bounds write error may lead to Denial of Service
A flaw was found in Squid. An out-of-bounds write can be triggered when an Edge Side Includes ESI variable is assigned to a value not in the standard ASCII range, for example, multi-byte characters. This flaw allows a trusted server to crash Squid while processing an ESI response content, resulti...
kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write
An out-of-bounds memory write flaw was found in the load/unload module in the Linux kernel's kobject functionality, potentially triggering a race condition in the kobjectgetpath function. This issue may allow a local user to crash the system or potentially escalate their privileges on the system...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : unixODBC vulnerability (USN-6715-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6715-1 advisory. It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitra...
CVE-2024-1013
CVE-2024-1013 (unixODBC) has an out-of-bounds stack write on 64-bit architectures where the caller uses 4 bytes but the callee writes 8. This can cause memory corruption or crashes, with impact depending on endianness (more visible on big-endian). Affected products in connected docs show unixODBC...
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead
An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead
An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6653-4)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6653-4 advisory. It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free...
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...