Skip to content

TheWindowsUpdate.com

Opinions, tips, and news orbiting Microsoft

Search for:

Primary menu

Home
About TheWindowsUpdate.com

Month: February 2026

CVE-2025-61144 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

Posted on February 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2025-61144 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.→

Posted in Republished Content | Leave a reply

CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

Posted on February 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.→

Posted in Republished Content | Leave a reply

CVE-2021-20233 A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Posted on February 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2021-20233 A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.→

Posted in Republished Content | Leave a reply

CVE-2021-20225 A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Posted on February 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2021-20225 A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.→

Posted in Republished Content | Leave a reply

CVE-2026-26960 node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction

Posted on February 25, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-26960 node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction→

Posted in Republished Content | Leave a reply

CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.

Posted on February 25, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.→

Posted in Republished Content | Leave a reply

CVE-2026-21620 TFTP Path Traversal

Posted on February 25, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-21620 TFTP Path Traversal→

Posted in Republished Content | Leave a reply

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Posted on February 25, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse→

Posted in Republished Content | Leave a reply

Post navigation

← Older posts

Newer posts →

Primary Sidebar Widget Area

Search for:

Recent Posts

CVE-2026-50292 In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution
CVE-2026-46272 coresight: tmc-etr: Fix race condition between sysfs and perf mode
CVE-2026-46250 MIPS: Work around LLVM bug when gp is used as global register variable
CVE-2026-50031 ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands “ipmi-oem dell get-active-directory-config” and “ipmi-oem fujitsu get-sel-entry-long-text” were found to have exploitable buffer overflows on response messages.
CVE-2026-50263 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow()

Archives

Copyright © 2026 TheWindowsUpdate.com. All Rights Reserved.

Theme: Catch Box by Catch Themes

Scroll Up