48 matches found
CVE-2026-54280
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a payload is using an open file or similar limited resource, then an attacker may be able to cause...
Linux Distros Unpatched Vulnerability : CVE-2026-54280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the payload response resources when a client disconnects during a write operation. An attacker can cause temporary resource exhaustion by repeatedly initiating connections and disconnecting...
PT-2026-49594
Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description Payload resources are not closed correctly when a client disconnects during a write operation. If a payload utilizes an open file or other limited resources, an attacker can cause temporary resource...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xorg-x11-server (UTSA-2026-006165)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006165 advisory. A flaw was discovered in the X.Org X servers X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without...
CVE-2025-14969
CVE-2025-14969 describes a Denial of Service risk in Hibernate Reactive: when an HTTP endpoint performing DB ops is prematurely closed by a remote client, the DB connection pool can leak connections, exhausting resources. The CVSS 3.1 base score is 4.3 (Medium). IBM’s Quarkus bulletins and Red Ha...
CVE-2025-66560 Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write
Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously writt...
CVE-2025-66560 Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write
Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously writt...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
Unity Linux 20.1060a / 20.1070a Security Update: tigervnc (UTSA-2025-990940)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990940 advisory. A flaw was discovered in the X.Org X servers X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without...
xorg: xwayland: Use-after-free in Xkb client resource removal
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
AZL-69580 CVE-2025-62230 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-3
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
CVE-2025-62230
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
CVE-2025-62230
CVE-2025-62230 affects the X.Org X server family (Xwayland/Xkb handling). The issue is a use-after-free in the Xkb client resource removal path when a client disconnects, caused by improper cleanup of Xkb resources that frees the XkbInterest data but not the associated resource, potentially leadi...
UBUNTU-CVE-2025-62230
A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...
EUVD-2021-0161
Malware in sbrugna...
EUVD-2007-4736
Malware in sbrugna...