524 matches found
glib2: Fix of CVE-2026-58016
CVE-2026-58016: fix XML parser state handling for element nesting in D-Bus introspection XML...
libxml2: Fix of CVE-2026-11979
CVE-2026-11979: add bounds checks in xmlcatalog --shell usershell to prevent stack buffer overflows when parsing overly long command lines...
python: Fix of 2 CVEs
CVE-2025-15366: reject control characters in IMAP commands in imaplib.IMAP4.command to prevent command injection via newlines - CVE-2025-15367: reject control characters in POP3 commands in poplib.POP3.putcmd to prevent command injection via newlines...
vim: Fix of CVE-2026-52860
CVE-2026-52860: fix possible code execution in python3complete/pythoncomplete by stripping default expressions and annotations from function parameter lists and whitelisting class bases to dotted names before exec upstream patch 9.2.0597...
kernel: Fix of 14 CVEs
nfnetlinkosf: validate individual option lengths in fingerprints CVE-2026-23397 - netfilter: nfnetlinkosf: avoid OOB read CVE-2026-23397 - bonding: limit BONDMODE8023AD to Ethernet devices CVE-2026-23099 - netlabel: fix out-of-bounds memory accesses CVE-2019-25160 - ext4: always check block group...
vim: Fix of 2 CVEs
CVE-2026-52858: fix possible code execution in python3complete/pythoncomplete by not executing import/from statements harvested from the buffer unless g:pythoncompleteallowimport is set upstream patch 9.2.0561...
samba: Fix of CVE-2026-4408
CVE-2026-4408: Escape/mask client-controlled username before %u substitution in 'check password script' to prevent remote command execution; restrict samrValidatePassword to DCs...
httpd: Fix of 2 CVEs
CVE-2026-29170: modproxyftp: XSS in generated HTML directory listing; escape entry names with apescapehtmlaposescapepath instead of apescapeuri in href attributes - CVE-2026-42535: moddavfs: deny WebDAV access to or within the DAVFSSTATEDIR state directory to prevent manipulation of trusted...
httpd: Fix of CVE-2025-58098
CVE-2025-58098: modcgid with SSI exec cmd passed the shell-escaped query string as extra arguments to the executed shell command; do not pass r-args for SSI requests...
openssl: Fix of CVE-2026-45447
CVE-2026-45447: fix possible use-after-free in PKCS7verify with empty digestAlgorithms SET...
expat: Fix of CVE-2026-41080
CVE-2026-41080: backport SipHash-based hash-flooding protection with a full 16 bytes of salt entropy and add the XMLSetHashSalt16Bytes API...
python: Fix of CVE-2026-7210
CVE-2026-7210: when hash randomization is enabled, seed libexpat's hash-flooding protection in pyexpat with a full 16 bytes of entropy via XMLSetHashSalt16Bytes, detected at runtime through a weak symbol so it activates once the system libexpat exposes it, instead of the 4-8 byte XMLSetHashSalt...
vim: Fix of CVE-2026-41411
CVE-2026-41411: fix OS command injection in tag file processing by disallowing backticks in the filename field before wildcard expansion upstream patch 9.2.0357...
bind: Fix of CVE-2025-40778
CVE-2025-40778: Tighten restrictions on caching NS RRsets in the authority section require the NS owner name to be an ancestor of the queried name to prevent cache poisoning via spoofed records...
mysql: Fix of 3 CVEs
CVE-2018-2562: fix DoS / data corruption in partitioned MEMORY tables Server: Partition - CVE-2018-2773: warn when --pid-file is in a world-writable location BUG26585560 - CVE-2018-3174: stop server as the mysql user in mysql.init so an attacker who controls the pid file cannot trick init into...
dovecot: Fix of CVE-2017-14461
CVE-2017-14461: lib-mail: fix out-of-bounds read when parsing an invalid email address in parseaddrspec...
ImageMagick: Fix of CVE-2026-30883
CVE-2026-30883: fix heap overflow when encoding PNG with oversized profile...
perl: Fix of CVE-2026-8376
CVE-2026-8376: fix heap buffer overflow in Sstudychunk when compiling regular expressions with a repeated fixed string on 32-bit builds mincount l overflow...
polkit: Fix of CVE-2018-1116
CVE-2018-1116: polkit trusts client-supplied UID in CheckAuthorization, allowing a local attacker to spoof or DoS the authentication-agent dialog of unrelated processes...
bind: Fix of CVE-2026-1519
CVE-2026-1519: Limit NSEC3 iterations when validating referrals to unsigned delegations to avoid excessive CPU consumption...
rsync: Fix of CVE-2026-41035
CVE-2026-41035: fix use-after-free in receivexattr by using tempxattr.count instead of the stale count in qsort...
vim: Fix of CVE-2026-46483
CVE-2026-46483: fix command injection in the tar plugin's tarVimuntar function by using the correct shellescapetartail, 1 form so that a crafted .tgz filename cannot trigger cmdline-special expansion in the :! command...
postfix: Fix of CVE-2026-43964
makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
samba: Fix of 2 CVEs
CVE-2019-3880: Refuse winreg SaveKey/RestoreKey RPCs to prevent writing registry hive files outside intended share boundaries via symlink races - CVE-2019-10218: Reject server-supplied filenames containing path separators in SMB1 directory listings to protect libsmbclient consumers from path...
java-1.8.0-openjdk: Fix of 7 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u492-b09. That fixes following CVEs: - CVE-2026-22003: hotspot DoS via sandboxed Java Web Start/applets with untrusted code resource exhaustion - CVE-2026-22007: Security component, local high-complexity low-impact info disclosure -...
rsync: Fix of 2 CVEs
CVE-2026-43618: fix integer overflow in compressed-token decoding that could leak rsync process memory contents over the wire - CVE-2026-29518: fix TOCTOU race on parent path components in non-chroot daemon by routing receiver/sender opens, chmod, and chdir through per- component ONOFOLLOW secure...
nginx: Fix of CVE-2026-9256
CVE-2026-9256: fix heap buffer overflow with overlapping captures in ngxhttprewritemodule...
php: Fix of CVE-2026-6735
CVE-2026-6735: fix XSS within FPM status endpoint...
expat: Fix of CVE-2026-45186
CVE-2026-45186: fix quadratic runtime in attribute collision detection by using a hash table for default attribute names instead of an On^2 loop...
dovecot: Fix of 2 CVEs
CVE-2026-42006: lib-imap: fix listcountlimit to actually count open '' instead of close '', preventing an imap-login memory-exhaustion DoS that bypassed the CVE-2026-27857 fix...
tomcat6: Fix of CVE-2026-41284
CVE-2026-41284: tomcat6: WebDAV LOCK/PROPFIND unbounded request body DoS...
httpd: Fix of 5 CVEs
CVE-2026-28780: modproxyajp 4-byte heap buffer overflow when contacting a malicious AJP backend off-by-AJPHEADERLEN check in ajpmsgcheckheader - CVE-2026-34059: modproxyajp heap over-read in ajpparsedata on short AJP replies - CVE-2026-33006: modauthdigest used non-constant-time strcmp for...
php: Fix of CVE-2026-7262
CVE-2026-7262: fix NULL pointer dereference in SOAP apache map decoder typemap configured...
vim: Fix of CVE-2026-42307
CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...
quagga: Fix of CVE-2018-5380
CVE-2018-5380: fix BGP NOTIFY debug-print msg array over-read...
nginx: Fix of CVE-2026-42945
CVE-2026-42945: fix heap buffer overflow in ngxhttprewritemodule...
php: Fix of 2 CVEs
CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...
subversion: Fix of CVE-2018-11782
CVE-2018-11782: fix svnserve DoS via well-formed read-only get-deleted-rev request...
libssh2: Fix of 2 CVEs
CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...
python: Fix of 4 CVEs
CVE-2019-9740: reject control characters in HTTP URL paths in httplib.HTTPConnection.putrequest to prevent CRLF header injection - CVE-2019-18348: reject control characters in hostnames in httplib.HTTPConnection.init via a new validatehost helper to prevent CRLF header injection the glibc...
curl: Fix of 2 CVEs
CVE-2018-1000120: fix buffer overflow exists in the FTP URL handling - CVE-2018-1000007: fix leak authentication data to third parties in HTTP requests...
libssh2: Fix of CVE-2026-7598
CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...
samba: Fix of CVE-2017-15275
CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...
dovecot: Fix of CVE-2026-27857
CVE-2026-27857: imap-login: limit IMAP parser open lists to prevent excessive memory usage...
openssh: Fix of CVE-2026-35386
CVE-2026-35386: fix client-side command execution via control characters in usernames by adding iscntrl rejection to validruser...
bzip2: Fix of CVE-2019-12900
CVE-2019-12900: fix out-of-bounds write in BZ2decompress many selectors...
httpd: Fix of 2 CVEs
CVE-2017-15710: modauthnzldap out-of-bounds write when accept-language header value is shorter than two characters - CVE-2017-15715: regex anchor in / can match before an embedded newline, allowing .htaccess bypass of trailing-extension filters...
openssh: Fix of CVE-2026-35414
CVE-2026-35414: fix authorizedkeys principals option mishandling with comma-containing CA principals...
exim: Fix of CVE-2026-40685
CVE-2026-40685: fix OOB heap write in dewrap during JSON expansion...
libssh2: Fix of 2 CVEs
CVE-2019-13115: add bounds-checked stringbuf helpers and use them in diffiehellmansha1 to prevent out-of-bounds read on malformed KEX reply - CVE-2019-17498: harden bounds checks in SSHMSGDISCONNECT, SSHMSGDEBUG and SSHMSGGLOBALREQUEST handlers to prevent integer overflow / out-of-bounds read...