Astra Linux - уязвимость в mariadb-10.3

MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

Astra Linux - уязвимость в mongo-c-driver

Some MongoDB drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. These published events may contain security-sensitive data when specific authentication-related commands are executed. Without proper care, an application...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A flaw was discovered in the handling of SMB2READ commands within the kernel’s ksmbd module. The issue arises from failing to release memory after its effective lifespan has ended. An attacker can exploit this flaw to create a denial-of-service condition on affected Linux installations...

Astra Linux - уязвимость в openvpn

OpenVPN 2.1 up to v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plugins when more than one of them uses deferred authentication responses. This allows an external user to be granted access with only partially correct credentials...

Astra Linux - уязвимость в wpa

There exists a exploitable denial-of-service vulnerability in hostapd 2.6. An attacker could trigger the AP to send IAPP location updates for stations, even before the required authentication process is completed. This could lead to various denial-of-service scenarios, either by causing CAM table...

Astra Linux - уязвимость в php7.3

In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, and 8.2. before 8.2.7, when using SOAP HTTP Digest Authentication, the random value generator was not checked for failures. Additionally, the range of values used by the random generator was narrower than necessary. In the event of a random...

Astra Linux - уязвимость в opensc

A flaw was discovered in OpenSC packages that could allow for a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length PIN is passed. This issue poses a security risk, especially for OS...

Astra Linux - уязвимость в sssd

A race condition flaw was identified in sssd, where the GPO policy is not consistently applied to authenticated users. This could lead to improper authorization issues, granting or denying access to resources inappropriately...

Astra Linux - уязвимость в tomcat9

DEPRECATED: There is a vulnerability related to authentication bypass in digest authentication in Apache Tomcat. This issue affects Apache Tomcat versions as follows: 11.0.0-M1 through 11.0.21, 10.1.0-M1 through 10.1.54, 9.0.0.M1 through 9.0.117, 8.5.0 through 8.5.100, and versions prior to 7.0.0...

Astra Linux - уязвимость в samba

A out-of-bounds read vulnerability was discovered in Samba due to insufficient length checks in the winbinddpamauthcrap.c file. When performing NTLM authentication, the client sends cryptographic challenges back to the server. These responses have varying lengths, and Winbind fails to check the...

CVE-2026-47784

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...

CVE-2026-47784

The CVE concerns memcached prior to 1.6.42, where SASL password data used for authentication is exposed to a timing side-channel via memcmp in sasl_server_userdb_checkpass. Affected versions are before 1.6.42; upgrading to 1.6.42 or later is the supported remediation per the release notes. The vu...

CVE-2026-47784

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...

CVE-2026-47784

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...

CVE-2026-47783

In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...

CVE-2026-47783

In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...

EUVD-2026-31065

In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by saslserveruserdbcheckpass...

CVE-2026-24206

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure...

CVE-2026-24207

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure...

JLSEC-2026-517

An uncontrolled resource consumption memory leak flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a...