CVE-2026-34000
- EPSS 0.49%
- Veröffentlicht 05.05.2026 16:16:11
- Zuletzt bearbeitet 08.06.2026 05:16:30
A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an attacker to read uninitialized or out-of-bounds memor...
CVE-2026-34002
- EPSS 0.49%
- Veröffentlicht 05.05.2026 16:16:11
- Zuletzt bearbeitet 08.06.2026 05:16:31
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes t...
CVE-2026-34956
- EPSS 0.41%
- Veröffentlicht 05.05.2026 16:16:11
- Zuletzt bearbeitet 05.05.2026 19:31:10
A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap...
CVE-2026-33845
- EPSS 0.81%
- Veröffentlicht 30.04.2026 17:41:34
- Zuletzt bearbeitet 07.07.2026 12:16:37
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause inform...
CVE-2026-3832
- EPSS 0.72%
- Veröffentlicht 30.04.2026 17:41:28
- Zuletzt bearbeitet 24.06.2026 17:16:58
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP...
CVE-2026-3833
- EPSS 0.57%
- Veröffentlicht 30.04.2026 17:37:05
- Zuletzt bearbeitet 30.06.2026 03:19:14
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees...
CVE-2026-6732
- EPSS 0.63%
- Veröffentlicht 23.04.2026 22:19:34
- Zuletzt bearbeitet 30.06.2026 20:16:50
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious d...
CVE-2026-2708
- EPSS 0.32%
- Veröffentlicht 23.04.2026 21:51:23
- Zuletzt bearbeitet 04.05.2026 18:28:46
A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or confl...
CVE-2026-6846
- EPSS 0.17%
- Veröffentlicht 22.04.2026 08:37:14
- Zuletzt bearbeitet 01.07.2026 13:17:51
A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious fi...
CVE-2026-6844
- EPSS 0.1%
- Veröffentlicht 22.04.2026 08:37:09
- Zuletzt bearbeitet 20.05.2026 14:00:12
A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource ex...