154 matches found
BIT-ENVOY-2026-48497 Envoy: Abnormal process termination in DNS UDP filter
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...
CVE-2026-48497
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...
CVE-2026-48497
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...
CVE-2026-48497 Envoy: Abnormal process termination in DNS UDP filter
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...
CVE-2025-61862
An out-of-bounds read vulnerability exists in VS6ComFile!getovlpelementsize of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end ABEND, and arbitrary code execution...
EUVD-2022-38112
Malicious code in bioql PyPI...
EUVD-2023-41270
Malicious code in bioql PyPI...
EUVD-2024-25235
Malicious code in bioql PyPI...
EUVD-2023-45630
Malicious code in bioql PyPI...
EUVD-2025-31674
Malicious code in bioql PyPI...
EUVD-2022-28576
Malicious code in bioql PyPI...
PT-2025-39953
Name of the Vulnerable Software and Affected Versions Central Monitor CNS-6201 affected versions not specified Description The software contains a flaw where a specially crafted UDP packet can cause the device to stop functioning normally due to a NULL pointer dereference. Recommendations At the...
Nihon Kohden Central Monitor CNS-6201 代码问题漏洞
Nihon Kohden Central Monitor CNS-6201 is a nursing station monitoring system from Nihon Kohden, Japan. A code issue vulnerability exists in Nihon Kohden Central Monitor CNS-6201, which stems from the presence of a null pointer dereference when processing specially crafted UDP packets, which could...
Envoy 资源管理错误漏洞
Envoy is an Enphase open source gateway program for connecting smart home devices. A resource management error vulnerability exists in Envoy versions 1.34.0 through 1.34.4 and 1.35.0, which stems from the presence of post-release reuse in the DNS cache and could result in an abnormal process...
CVE-2024-24978
Denial-of-service DoS vulnerability exists in TvRock 0.9t8a. Receiving a specially crafted request by a remote attacker or having a user of TvRock click a specially crafted request may lead to ABEND abnormal end. Note that the developer was unreachable, therefore, users should consider stop using...
CVE-2023-41112
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123. A buffer copy, without checking the size of the input, can cause...
K000149304: OpenSSL vulnerability CVE-2024-6119
Security Advisory Description Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an...
Security Bulletin:cryptography-42.0.7-cp39-abi3-manylinux_2_28_x86_64.whl Vulnerability Affects IBM Data Observability by Databand (CVE-2024-6119)
Summary A vulnerability in cryptography-42.0.7-cp39-abi3-manylinux228x8664.whl was addressed in IBM Data Observability by Databand Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate name checks e.g.,...
Security Bulletin: IBM Maximo Application Suite uses serve-static-1.15.0.tgz, send-0.18.0.tgz and cryptography-43.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-43800 CVE-2024-43799 CVE-2024-6119.
Summary IBM Maximo Application Suite uses serve-static-1.15.0.tgz, send-0.18.0.tgz and cryptography-43.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to CVE-2024-43800, CVE-2024-43799 and CVE-2024-6119. This bulletin contains information regarding the vulnerability and its fixture...
Medium: openssl
Issue Overview: Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a...