These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-3832 was publicly disclosed on 2026-04-30. The issue is a logic error in GnuTLS OCSP handling that can affect TLS clients using OCSP verification. According to the NVD record and Red Hat references, a specially crafted multi-record OCSP response presented during the handshake may cause a client to incorrectly accept a revoked server certificate, weakening trust validation.
CVE-2026-5121 is a high-severity libarchive flaw affecting zisofs block pointer allocation logic on 32-bit systems. A specially crafted ISO9660 image can trigger an integer overflow that may become a heap buffer overflow, so systems that process untrusted images should treat this as a priority patch item. The NVD record was published on 2026-03-30 and last modified on 2026-05-11, with Red Hat advisories a [truncated]
CVE-2026-5119 describes a cleartext transmission issue in libsoup during HTTPS tunneling through an HTTP proxy. In the initial HTTP CONNECT request, sensitive session cookies may be exposed before the tunnel is established. A network-positioned attacker or a malicious proxy could intercept those cookies and potentially reuse them for session hijacking or user impersonation.
CVE-2026-0968, published on 2026-03-26 and last modified on 2026-05-19, affects libssh during SFTP file listing. A malicious server can send a malformed "longname" field in an SSH_FXP_NAME message, and the missing null check may cause an out-of-bounds read on the heap. The supplied record rates this as low severity with availability impact only, but it can still crash affected applications and cause a den [truncated]
CVE-2026-0967 is a denial-of-service issue in libssh affecting client-side hostname pattern handling. According to the published description, a remote attacker who can influence client configuration files or known_hosts entries may craft hostnames that trigger inefficient regular-expression backtracking in match_pattern(), leading to timeouts and resource exhaustion. NVD lists libssh versions through 0.11 [truncated]
CVE-2026-0966 is a network-reachable denial-of-service issue in libssh. According to the CVE record and NVD data, the flaw was published on 2026-03-26 and later modified on 2026-05-11. The issue affects ssh_get_hexa() when it processes zero-length input, and exploitation is tied to GSSAPI authentication with server logging verbosity set to SSH_LOG_PACKET (3) or higher. The practical result is a self-denia [truncated]
CVE-2026-0965 is a low-severity local denial-of-service issue in libssh. During configuration parsing, affected versions may attempt to open arbitrary files. In misconfigured deployments or when a malicious configuration file is provided, this can cause the system to access sensitive targets such as block devices or large system files and disrupt normal operation.
CVE-2026-0964 describes a path-handling flaw in SCP transfers where a malicious server can send unexpected paths and cause the client to overwrite files outside the intended working directory. The issue can be abused to place malicious executables or configuration files and influence what the user runs. NVD maps the issue to CWE-22 and scores it CVSS 6.3 (Medium). The description says this is the same iss [truncated]
CVE-2026-4775 is a libtiff flaw involving a signed integer overflow in putcontig8bitYCbCr44tile. When triggered by a specially crafted TIFF file, the bad calculation can produce an out-of-bounds heap write, which may crash the application or create a path to code execution. The supplied NVD data also ties the issue to Red Hat and Debian advisory references and lists multiple affected platform CPEs.
CVE-2026-4424 is a high-severity information-disclosure issue in libarchive's RAR handling. A specially crafted RAR archive can trigger a heap out-of-bounds read and expose sensitive heap memory, with no authentication or user interaction required.
CVE-2026-4271 was published on 2026-03-17 and later modified on 2026-05-11. According to the official CVE and NVD records, the issue is a use-after-free in libsoup's HTTP/2 server implementation. A remote attacker can send specially crafted HTTP/2 requests that cause authentication failures, leading the application to access freed memory and potentially crash. The documented impact is denial of service, w [truncated]
CVE-2025-14512 is a medium-severity vulnerability in GLib’s GIO handling that can be triggered when escape_byte_string() processes malicious file or remote filesystem attribute values. The flaw is an integer overflow that can lead to a heap buffer overflow and denial of service. NVD rates the issue as network-reachable with low attack complexity and user interaction required, and the supplied Red Hat refe [truncated]
CVE-2025-14087 describes a flaw in GLib’s GVariant parser that can be triggered by maliciously crafted input strings. The result can be heap corruption, which may lead to denial of service and, in some cases, potential code execution. NVD records this as a medium-severity issue, and Red Hat-linked references show affected GLib versions before 2.86.3 as well as multiple Red Hat Enterprise Linux streams.
CVE-2025-13601 is a high-severity heap-based buffer overflow in GLib's g_escape_uri_string() function. The flaw comes from an incorrect buffer-size calculation: when the input contains a very large number of characters that must be escaped, the computed escaped length can overflow and the newly allocated buffer may be written past its end. The risk is most relevant to systems and applications that use the [truncated]
CVE-2023-50781 is a high-severity m2crypto issue that may allow a remote attacker to decrypt captured TLS messages on servers that use RSA key exchanges, creating a confidentiality risk for sensitive data. NVD rates the issue 7.5 (High) with network attackability, no privileges required, and no user interaction, and classifies it as CWE-203.
CVE-2023-52356 is a high-severity availability issue in libtiff. According to the supplied NVD record, a crafted TIFF file can trigger a segmentation fault and heap-buffer overflow in TIFFReadRGBATileExt(), allowing a remote attacker to cause denial of service. The record does not indicate impact to confidentiality or integrity, but it does map to a network-reachable, no-authentication attack surface with [truncated]
CVE-2023-48795, known as the Terrapin attack, is an SSH transport protocol weakness that can let a remote attacker omit some packets during extension negotiation and weaken session security. The issue affects OpenSSH before 9.6 and a wide range of SSH clients, libraries, and appliances listed in the CVE record.
CVE-2023-4806 is a narrowly triggered glibc use-after-free in getaddrinfo that can lead to an application crash. The issue is publicly dated 2023-09-18 and, per the NVD record, was later modified on 2026-05-12. The exposure is unusual: it requires an NSS module that implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks, omits _nss_*_gethostbyname3_r, and is hit through a getaddrinfo [truncated]
CVE-2023-4527 is a glibc flaw that can leak limited stack contents and trigger a crash when getaddrinfo is used with AF_UNSPEC on systems configured for no-aaaa mode. The issue is network-triggered, has no user interaction requirement, and is tracked by NVD with a medium CVSS score of 6.5.
CVE-2015-2877 describes an information-disclosure side channel in Linux Kernel Samepage Merging (KSM). The NVD record ties it to Linux kernel versions 2.6.32 through 4.x and some Red Hat Enterprise Linux releases, with low CVSS impact and a local attack vector. The supplied description also notes the vendor position that if this attack vector matters, deduplication should be disabled, which frames the iss [truncated]
CVE-2017-6011 is a medium-severity memory-safety issue in icoutils 0.31.1 that affects icotool. NVD describes it as an out-of-bounds read in simple_vec() within extract.c, with the potential to lead to a buffer overflow and a denial-of-service-style availability impact.
CVE-2017-6010 is a denial-of-service flaw in icoutils 0.31.1. The vulnerable code is the extract_icons function in extract.c, where a corrupted ICO file can trigger a buffer overflow and crash icotool. NVD classifies the issue as CWE-119 with a CVSS 3.0 score of 5.5 (local access, low complexity, no privileges, user interaction required, availability impact only). The CVE was published on 2017-02-16 and l [truncated]
CVE-2017-6009 is a buffer overflow in icoutils 0.31.1, specifically in the decode_ne_resource_id function used by wrestool. The flaw is triggered by an unchecked memcpy length that can become negative, creating a denial-of-service risk and possible memory corruption. Because the CVSS vector requires local access and user interaction, this is most relevant on systems where untrusted inputs are processed with wrestool.
CVE-2016-9560 describes a stack-based buffer overflow in JasPer's jpc_tsfb_getbands2 function. The NVD record ties the issue to JasPer versions before 1.900.30 and downstream distro packages, and rates it HIGH with high confidentiality, integrity, and availability impact. Because the record combines a remote-attacker description with a CVSS vector of AV:L/UI:R, defenders should focus on actual image-proce [truncated]
CVE-2016-2568 is a high-severity local privilege escalation issue affecting pkexec when used with --user nonpriv. A local attacker can use a crafted TIOCSTI ioctl call to push characters into the terminal input buffer and escape to the parent session on vulnerable systems.
CVE-2017-3302 is a high-severity availability issue in libmysqlclient.so. NVD rates it 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and classifies the weakness as CWE-416. The vulnerable scope includes Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5, plus MariaDB through 5.5.54, 10.0.29, 10.1.21, and 10.2.3. NVD also links downstream Debian and Red Hat advisories, indicating packaged consumers may [truncated]
CVE-2017-5848 is a remotely reachable denial-of-service issue in GStreamer’s gst-plugins-bad MPEG demuxer path. The published description says gst_ps_demux_parse_psm() can perform an invalid memory read and crash while parsing PSM data. NVD assigns a High CVSS 3.1 score and classifies the weakness as CWE-125, so the practical impact is service interruption rather than known code execution or data theft.
CVE-2017-5205 is a critical buffer overflow in tcpdump’s ISAKMP parser, specifically in print-isakmp.c:ikev2_e_print(). NVD lists tcpdump versions before 4.9.0 as vulnerable and assigns a CVSS 3.0 score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). In practical terms, malformed network traffic can trigger memory corruption while tcpdump parses packet data, so systems that inspect untrusted captures should [truncated]
CVE-2017-5204 is a critical buffer overflow in tcpdump’s IPv6 parsing path, specifically print-ip6.c:ip6_print(), affecting tcpdump versions before 4.9.0. The NVD record rates the issue 9.8 (CVSS v3.0) with network attack vector, no privileges required, and no user interaction. In practical terms, any environment that uses tcpdump to analyze untrusted packet data should treat this as an urgent patch item [truncated]
CVE-2017-5203 is a critical buffer overflow in tcpdump’s BOOTP parser, specifically in print-bootp.c:bootp_print(), affecting tcpdump versions before 4.9.0. The NVD entry rates it 9.8 and maps it to CWE-119, with downstream advisories and package notes published for Debian, Red Hat, and Gentoo.
CVE-2017-5202 is a critical memory-corruption issue in tcpdump's ISO CLNS parser. The vulnerable path is clnp_print() in print-isoclns.c, and NVD rates the issue CVSS 3.0 9.8 with network reachability, no privileges, no user interaction, and high impact to confidentiality, integrity, and availability.
CVE-2017-3318 is a MySQL Server error-handling vulnerability that can expose sensitive data from affected server instances. The NVD record describes the flaw as difficult to exploit and notes that an attacker needs high privileges, local logon to the infrastructure where MySQL runs, and user interaction by another person. The primary impact is confidentiality: successful exploitation can lead to unauthori [truncated]
CVE-2017-3317 is a denial-of-service vulnerability in the MySQL Server logging component. According to NVD, exploitation requires a highly privileged attacker with local access and human interaction, and successful attacks can cause a hang or repeatable crash of MySQL Server.
CVE-2017-3313 is a MySQL Server vulnerability in the MyISAM subcomponent that can let a low-privileged attacker with logon access to the host compromise the MySQL Server process. Oracle’s description and the NVD record both emphasize confidentiality impact: successful attacks can expose critical data or all data accessible to MySQL Server. NVD rates the issue as local, high-complexity, low-privilege, no-u [truncated]
CVE-2017-3291 affects the MySQL Server packaging component in Oracle MySQL. NVD describes it as difficult to exploit and requiring a high-privileged attacker with logon access to the system where MySQL Server runs, plus human interaction from someone other than the attacker. If successful, the issue can lead to takeover of MySQL Server.
CVE-2017-3265 is a MySQL Server component vulnerability in the Packaging subcomponent that can let a highly privileged local attacker with logon access to the host compromise MySQL Server. NVD says successful exploitation may expose critical data or all MySQL-accessible data and can also cause a hang or repeatable crash, with human interaction required.
CVE-2017-3258 is a MySQL Server DDL weakness that can let a low-privileged network attacker trigger a hang or frequently repeatable crash, resulting in denial of service. Oracle’s advisory and the NVD record place affected Oracle MySQL releases at 5.5.53 and earlier, 5.6.34 and earlier, and 5.7.16 and earlier. NVD also maps downstream MariaDB and Linux distribution package entries for the same CVE. The pu [truncated]
CVE-2017-3244 is a medium-severity MySQL Server availability issue that can let a low-privileged network attacker cause a hang or repeatable crash of the database service. The vulnerability was publicly published on 2017-01-27 and later updated in NVD on 2026-05-13; the modification date should not be treated as the original issue date.
CVE-2017-3243 is a denial-of-service issue in the MySQL Server component of Oracle MySQL, specifically the Server: Charsets subcomponent. According to the NVD record, affected Oracle MySQL versions include 5.5.53 and earlier, and the impact is a hang or frequently repeatable crash of the server. Oracle’s advisory is listed as the patch/vendor reference, and NVD also maps related downstream package and ope [truncated]
CVE-2017-3238 is a network-reachable denial-of-service issue in the Oracle MySQL Server optimizer. Oracle and NVD describe it as exploitable by a low-privileged attacker over multiple protocols, with impact limited to availability: a hang or repeatable crash of MySQL Server. Oracle lists affected releases as MySQL 5.5.53 and earlier, 5.6.34 and earlier, and 5.7.16 and earlier.
CVE-2016-9636 is a critical heap-based buffer overflow in GStreamer's FLIC decoder. A crafted FLIC file can drive a write count beyond the initialized buffer in flx_decode_delta_fli, creating a remote code execution or crash risk. NVD rates the issue 9.8/CRITICAL with network attackability and no privileges or user interaction required.
CVE-2016-9635 is a critical memory-corruption flaw in GStreamer's FLIC decoder. A malformed "skip count" can run past the initialized buffer in flx_decode_delta_fli, which can crash the application and may allow arbitrary code execution. The vulnerable GStreamer line is listed as versions through 1.10.1, with a fix in 1.10.2 and downstream advisories for packaged Linux distributions.
CVE-2016-9634 is a critical memory-safety issue in GStreamer's FLIC decoder. A crafted FLIC file can trigger a heap-based buffer overflow in flx_decode_delta_fli, which can crash affected applications and may allow remote code execution in software that processes untrusted media.
CVE-2016-5824 affects libical 1.0 and can be triggered by a crafted .ics file, resulting in a denial of service through a use-after-free condition. NVD assigns a medium CVSS score (5.5) with high availability impact, and the official vector indicates user interaction is required. Organizations that parse calendar data or ship libical-based packages should treat this as a patching issue rather than a theor [truncated]
CVE-2016-9446 is an information-disclosure vulnerability in the GStreamer vmnc decoder. The issue is that the render canvas is not initialized before use, so a crafted vmnc file can cause previously stored memory contents to be exposed during processing or thumbnailing. The public description cites a simple 1-frame vmnc movie that does not draw to the allocated render canvas as a demonstration case. NVD r [truncated]
CVE-2016-9401 is a local bash issue tied to popd path handling. According to NVD, a local user may be able to bypass a restricted shell and trigger a use-after-free with a crafted address. The published impact is availability-focused, but the restricted-shell bypass makes this important anywhere bash is part of a controlled local access model.
CVE-2016-7545 is a local SELinux policycoreutils issue where a crafted TIOCSTI ioctl call can let an attacker run arbitrary commands outside the intended sandbox boundary. NVD assigns a HIGH severity score, and the weakness is categorized as improper access control (CWE-284). The CVE was published on 2017-01-19, with earlier discussion and patch references appearing in September 2016 and vendor advisories [truncated]
CVE-2016-9811 is a denial-of-service vulnerability in GStreamer's gst-plugins-base component, specifically the windows_icon_typefind function in versions before 1.10.2. The issue is an out-of-bounds read triggered by a crafted ICO file. NVD records this CVE as published on 2017-01-13 and later modified on 2026-05-13.
CVE-2012-4550 describes an access-control flaw in Red Hat JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans (EJB) access, the platform may fail to invoke the required authorization modules, which prevents Java Authorization Contract for Containers (JACC) permissions from being enforced. The result is that a remote attacker may gain unauthorized access t [truncated]
CVE-2012-4549 is an access-control flaw in Red Hat JBoss Enterprise Application Platform. When an EJB method invocation has no roles defined, the AuthorizationInterceptor processInvocation path can incorrectly authorize the request instead of denying it. In practice, that can expose sensitive EJB functionality to unauthenticated or otherwise unauthorized network attackers.