Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: NFSD: Limits the number of concurrent async COPY operations Nothing seems to limit the number of concurrent async COPY operations that clients can initiate. Additionally, AFAICT allows each async COPY to copy an unlimited number ...

EUVD-2026-29987

On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-41227

CVE-2026-41227 affects BIG-IP with HTTP/2 Layer 7 DoS Protection enabled. Undisclosed traffic can trigger a memory increase that causes the Traffic Management Microkernel (TMM) process to terminate, leading to DoS on the data plane. The advisory notes EoTS-filtering is applied to evaluation, and ...

CVE-2026-41227 BIG-IP HTTP/2 Layer 7 Dos Protection vulnerability

On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

PT-2026-40661

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 Description On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can lead to excessive resource allocation and increased memory...

PT-2026-34381

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the ksmbd module occurs when a multichannel session binding request fails, such as due to an incorrect password. In these instances, the error path unconditionally sets the...

Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fixed HTTP header parameter parsing algorithm bsc1254904...

Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

CLSA-2026-1768814484 ruby: Fix of CVE-2025-58767

CVE-2025-58767: fixed REXML to reject duplicate XML declarations and validate declaration attributes to protect from DoS...

OPENSUSE-SU-2025:20143-1 Security update for git-bug

This update for git-bug fixes the following issues: Changes in git-bug: - Revendor to include fixed version of depending libraries: - GO-2025-4116 CVE-2025-47913, bsc1253506 upgrade golang.org/x/crypto to v0.43.0 - GO-2025-3900 GHSA-2464-8j7c-4cjm upgrade github.com/go-viper/mapstructure/v2 to...

CVE-2025-59478

When a BIG-IP AFM denial-of-service DoS protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-59478

CVE-2025-59478 affects BIG-IP AFM DoS protection profile on BIG-IP devices. The issue can cause the Traffic Management Microkernel (TMM) to terminate when handling undisclosed requests, resulting in a DoS condition. Affected combinations (per vendor advisories) include BIG-IP AFM with vulnerable ...

EUVD-2018-17295

Malware in sbrugna...

Security update for nbdkit

This update for nbdkit fixes the following issues: Update to version 1.36.5. Security fixes: CVE-2025-47712: integer overflow in blocksize filter when processing client block status requests larger than 232 will trigger an assertion failure and cause a denial-of-service. bsc1243108. CVE-2025-4771...

[SECURITY] Fedora 41 Update: dnsdist-1.9.10-1.fc41

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

[SECURITY] Fedora 42 Update: dnsdist-1.9.10-1.fc42

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

[SECURITY] Fedora 42 Update: dnsdist-1.9.9-1.fc42

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

Configure a Proper Number of Concurrent Sessions Allowed for a Single SSH Connection

SSH allows a client that supports multiplexing to establish multiple sessions based on a network connection. MaxSessions limits the number of concurrent SSH sessions that can be established for each network connection. This prevents system resources from being occupied by a single connection or a...

SUSE-SU-2025:20160-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: - Fix ssh client segfault with...

GHSA-H958-FXGG-G7W3 Security Update for the OPC UA .NET Standard Stack

This security update resolves a vulnerability in the OPC UA .NET Standard Stack that allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled. Note that the Basic128Rsa15 is disabled by default so most users will not be...