214 matches found
CVE-2025-62409 Envoy allows large requests and responses to cause TCP connection pool crash
Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but upstream data is...
JLSEC-2025-31 An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature ...
An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain...
JLSEC-2025-28 libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if ...
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
EUVD-2004-1752
Malware in sbrugna...
EUVD-2018-5751
Malware in sbrugna...
EUVD-2016-1444
Malware in sbrugna...
EUVD-2021-10053
Malware in sbrugna...
EUVD-2021-9290
Malicious code in bioql PyPI...
CVE-2025-24975
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
DEBIAN-CVE-2025-24975
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
UBUNTU-CVE-2025-24975
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
CVE-2025-24975 Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
CVE-2025-24975
Firebird CVE-2025-24975 affects snapshot series prior to 4.0.6.3183, 5.0.2.1610, and 6.0.0.609 where ExtConnPoolSize is not 0 and CryptCallback interface presence does not match, potentially causing a server segfault and exposure across encrypted and unencrypted databases. Patches exist in snapsh...
CVE-2025-24975
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
PT-2025-33489 · Firebird · Firebird
Name of the Vulnerable Software and Affected Versions: Firebird versions prior to 4.0.6.3183 Firebird versions prior to 5.0.2.1610 Firebird versions prior to 6.0.0.609 Description: Firebird is a relational database. If the ExtConnPoolSize parameter is not set to 0, a server process segfault may...
The vulnerability of the Pgpool-II database connection pool management tool lies in the unencrypted storage of confidential information, allowing attackers to gain access to this confidential data.
The vulnerability of the Pgpool-II database connection pool management tool is related to the unencrypted storage of confidential information. Exploiting this vulnerability could allow an attacker operating remotely to gain access to confidential data...
The vulnerability of the PostgreSQL PgBouncer connection pool program, related to authentication process flaws, allows attackers to gain unauthorized access to the application.
The vulnerability of the PgBouncer connection pool program in PostgreSQL involves deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to the application...
Hackney fails to properly release HTTP connections to the pool
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...
GHSA-9FM9-HP7P-53MF Hackney fails to properly release HTTP connections to the pool
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...
CVE-2025-3864
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, causing denial of service in applications using the library. Fix for this issue has been included in 1.24.0 release...