Lucene search
K

67311 matches found

Cvelist
Cvelist
added last week38 views

CVE-2026-56002 libXfont2 PCF Font Parsing Heap Buffer Overflow

A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server...

8.5CVSS0.00586EPSS
Exploits0References2
EUVD
EUVD
added last week11 views

EUVD-2026-42210

A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server to execute code within the X server cont...

8.5CVSS6.3AI score0.0038EPSS
Exploits0References2
CVE
CVE
added last week14 views

CVE-2026-56001

Affects libXfont2 (BitmapScaleBitmaps). The vulnerability is a heap buffer overflow caused by an overflowing 32-bit size in BitmapScaleBitmaps, exploitable by an attacker able to access the X Server to execute code within the X server context. Affected versions are libXfont2 before 2.0.8; remedia...

8.8CVSS6.3AI score0.0038EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week36 views

CVE-2026-56001 libXfont2 BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow

A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server to execute code within the X server cont...

8.5CVSS0.0038EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added last week10 views

CVE-2026-56001

A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server to execute code within the X server cont...

8.8CVSS6.3AI score0.0038EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added last week10 views

CVE-2026-55999

Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks...

8.5CVSS6.2AI score0.00212EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added last week6 views

CVE-2026-55999

Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks...

8.5CVSS6.2AI score0.00212EPSS
Exploits0
Debian CVE
Debian CVE
added last week5 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS5.9AI score0.00192EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added last week9 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0
NVD
NVD
added 2026/07/08 1:16 a.m.6 views

CVE-2026-55430

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the workspace app proxy resolves the target app from httpapi.RequestHost which prefers the X-Forwarded-Host header over the real Host header. No middleware...

6.8CVSS0.00208EPSS
Exploits0References6
CVE
CVE
added 2026/07/08 12:3 a.m.15 views

CVE-2026-55430

Coder's workspace app (github.com/coder/coder) prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusts X-Forwarded-Host for routing because no middleware strips it before routing and httpapi.RequestHost() prefers that header over Host. This enables cross-app data access when subdomain (wildca...

6.8CVSS6AI score0.00208EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/07/08 12:3 a.m.6 views

EUVD-2026-42136

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the workspace app proxy resolves the target app from httpapi.RequestHost which prefers the X-Forwarded-Host header over the real Host header. No middleware...

6.8CVSS6AI score0.00208EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.7 views

Palo Alto Networks PAN-OS 11.1.x < 11.1.16 / 11.2.x < 11.2.13 / 12.1.x < 12.1.8 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.16, 11.2.x prior to 11.2.13, or 12.1.x prior to 12.1.8. It is, therefore, affected by a vulnerability. A file deletion vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacke...

6.9CVSS6.7AI score0.00288EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-56002

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap bufferflow in pcfReadFont due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code withi...

8.8CVSS6.3AI score0.00586EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-56001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server t...

8.8CVSS6.4AI score0.0038EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.9 views

PT-2026-56391

Name of the Vulnerable Software and Affected Versions libXfont2 versions prior to 2.0.8 Description A heap buffer overflow occurs when parsing PCF files due to missing size checking in the property buffer within the ComputeScaledProperties function. Authenticated X clients can exploit this issue ...

8.8CVSS6.5AI score0.00643EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-56383

Name of the Vulnerable Software and Affected Versions libXfont2 versions prior to 2.0.8 Description A heap-based buffer overflow exists in the BitmapScaleBitmaps function. The issue is caused by an integer overflow where a 32-bit size calculation wraps, resulting in an undersized heap allocation...

8.8CVSS6.7AI score0.0038EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.9 views

PT-2026-56334

Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 21.2.24 xwayland versions prior to 24.1.13 Description Local attackers with an X connection can cause a heap buffer overflow by providing PCX fonts to the X server. This occurs due to missing glyph boundary checks...

8.5CVSS6.3AI score0.00212EPSS
Exploits0References37
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.9 views

PT-2026-56335

Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 21.2.24 xwayland versions prior to 24.1.13 Description Local attackers with an X connection can cause a Heap Use After Free, a condition where the system continues to use a memory address after it has been freed,...

9CVSS6.2AI score0.00192EPSS
Exploits0References25
Rows per page
Query Builder