96 matches found
Security Bulletin: IBM® Db2® is vulnerable to a denial of service due to insufficient release of allocated memory after usage. (CVE-2025-1992)
Summary: IBM® Db2® is vulnerable to a denial of service due to insufficient release of allocated memory after usage under federation configuration. Vulnerability Details: CVEID: CVE-2025-1992. DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated us...
CVE-2002-1992
Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header...
CVE-2025-1992
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user in federation environment, to cause a denial of service due to insufficient release of allocated memory after usage...
CVE-2025-1992 IBM Db2 denial of service
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user in federation environment, to cause a denial of service due to insufficient release of allocated memory after usage...
CVE-2025-1992
CVE-2025-1992 concerns IBM Db2 for Linux, UNIX and Windows (including DB2 Connect Server) in federation deployments. The issue is a denial-of-service caused by insufficient release of memory after usage, affecting Db2 versions 11.5.0–11.5.9 and 12.1.0–12.1.1 when authenticated users operate in fe...
Linux Distros Unpatched Vulnerability : CVE-2023-1992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file CVE-2023-1992 Not...
Linux Distros Unpatched Vulnerability : CVE-2013-1992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors...
CVE-2022-1992
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9...
RHEL 5 : libdmx (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libdmx: Multiple integer overflows leading to heap-based buffer overflows CVE-2013-1992 Note that Nessus has not...
CVE-2024-1992
Rejected reason: Rejected as duplicate of CVE-2024-2306...
Advisory ROSA-SA-2023-2257
Software: wireshark 4.0.5 OS: ROSA-CHROME packageevrstring: wireshark-4.0.5-1.src.rpm CVE-ID: CVE-2022-4344 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A memory shortage in the Kafka protocol dissector in Wireshark versions 4.0.0.0-4.0.1 and 3.6.0-3.6.9 allows denial of service via packet injection ...
GLSA-202309-02 : Wireshark: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202309-02 Wireshark: Multiple Vulnerabilities - Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file CVE-2022-3725 - Due to failure in validating th...
Oracle Solaris Critical Patch Update : jul2023_SRU11_4_58_144_3
This Solaris system is missing necessary patches to address critical security updates : %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Oracle CPU for jul2023. include'deprecatednasllevel.inc'; include'compat.inc'...
[SECURITY] [DSA 5429-1] wireshark security update
Debian Security Advisory DSA-5429-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 15, 2023 https://www.debian.org/security/faq ...
Medium: wireshark
Issue Overview: RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file CVE-2023-1992 LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or...
Security fix for the ALT Linux 10 package wireshark version 4.0.5-alt1
4.0.5-alt1 built May 9, 2023 Anton Farygin in task 319886 May 4, 2023 Anton Farygin - 4.0.5 - Fixes: CVE-2023-1994 GQUIC dissector crash. CVE-2023-1993 LISP dissector large loop. CVE-2023-1992 RPCoRDMA dissector crash. CVE-2023-1161 ISO 15765 and ISO 10681 dissector crash...
Debian dla-3402 : libwireshark-data - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3402 advisory. - Debian LTS Advisory DLA-3402-1 [email protected]...
Debian: Security Advisory (DLA-3402-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3402-1] wireshark security update
Debian LTS Advisory DLA-3402-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 29, 2023 https://wiki.debian.org/LTS ...