CVE-2026-20057

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

CVE-2026-20057 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

CVE-2026-20054

Cisco CVE-2026-20054 affects Snort 3 VBA feature. The vulnerability stems from improper error checking when decompressing VBA data, allowing an unauthenticated attacker to send crafted VBA to the Snort 3 Detection Engine and force an infinite loop, resulting in DoS. CVSS‑3.1 metrics: AV:N/AC:L/PR...

CVE-2026-20054 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Infinite Loop Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...

CVE-2026-20053

Cisco CVE-2026-20053 affects multiple Cisco products via Snort 3 Visual Basic for Applications (VBA) Decompression Engine. The vulnerability stems from improper range checking when decompressing VBA data, which is user-controlled, enabling an unauthenticated, remote attacker to cause the Snort 3 ...

CVE-2026-20053 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Heap Overflow Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An...

Multiple Cisco Products Snort 3 Visual Basic for Applications Denial of Service Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the Snort 3 Visual Basic for Applications VBA Decompression Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service DoS condition. For mor...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.25 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.25 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.50 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.50 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

Cisco IOS XE和Cisco Secure Firewall Threat Defense 数字错误漏洞

Cisco IOS XE and Cisco Secure Firewall Threat Defense are both products of the American company Cisco. Cisco IOS XE is an operating system. It serves as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN operations. Cisco IOS XE reduces the complexity o...

Cisco IOS XE和Cisco Secure Firewall Threat Defense 安全漏洞

Cisco IOS XE and Cisco Secure Firewall Threat Defense are both products of the American company Cisco. Cisco IOS XE is an operating system. It serves as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN operations. Cisco IOS XE reduces the complexity o...

PT-2026-23046

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.35.0 Description cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Before version 0.35.0, the library does not enforce the payload size limit configured via Server::set payload ma...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-005388)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005388 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: brotli (UTSA-2026-005387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005387 advisory. Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism...

Security Bulletin: There is a vulnerability in urllib3-2.6.2-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-21441)

Summary There is a vulnerability in urllib3-2.6.2-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient...

Ubuntu 22.04 LTS / 24.04 LTS : Authlib vulnerabilities (USN-8065-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8065-1 advisory. Millie Solem discovered that Authlib did not properly restrict algorithm selection during JWT verification, allowing HMAC verification with...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-urllib3_1 (SUSE-SU-2026:0635-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0635-1 advisory. - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in...

OESA-2026-1445 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

Denial Of Service

pypdf is vulnerable to Denial of Service. The vulnerability is due to a malformed /FlateDecode stream, where the byte-by-byte decompression is used, and an attacker can craft a PDF which leads to long runtimes...

Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub

Summary Multiple vulnerabilities were addressed in IBM Data Product Hub version 5.3.1 Vulnerability Details CVEID:CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content...