938 matches found
K000160874: BIG-IP Configuration utility vulnerability CVE-2026-39455
Security Advisory Description When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. CVE-2026-39455 Impact The Configuration utility stops...
PT-2026-40640
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication,...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the use ...
Astra Linux – Vulnerability in Dbus
A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fsverity: The FSIOCENABLEVERITY function is rejected when called on a file descriptor in mode 3. Commit 56124d6c87fd “fsverity: support enabling with tree block size fmode & FMODEREAD condition in kernelread became reachable...
CVE-2026-39457 Stack overflow via select() file descriptor set overflow
When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...
CVE-2026-39457 Stack overflow via select() file descriptor set overflow
When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...
CVE-2026-39457
When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...
FreeBSD -- Stack overflow via select() file descriptor set overflow
Problem Description: When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. Impact: An attacker who is able to force a libnv applicati...
CVE-2026-41338
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...
SUSE CVE-2026-33610
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of error paths. This vulnerability may lead to an imbalance in reference counts...
PowerDNS Authoritative 资源管理错误漏洞
PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a resource management vulnerability that can lead to a denial-of-service attack. This vulnerability occurs when the PowerDNS auxiliary servers forward DNS update requests to malicious...
PT-2026-34447
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007056)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007056 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a ver...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007272)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007272 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passin...
CVE-2026-39959
Tmds.DBus provides .NET libraries for working with D-Bus from .NET. Tmds.DBus and Tmds.DBus.Protocol are vulnerable to malicious D-Bus peers. A peer on the same bus can spoof signals by impersonating the owner of a well-known name, exhaust system resources or cause file descriptor spillover by...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of messages from D-Bus peers. An attacker can exhaust system resources, cause application crashes, or spoof signals by sending messages with excessive Unix file...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of messages from D-Bus peers. An attacker can exhaust system resources, cause application crashes, or spoof signals by sending messages with excessive Unix file...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006710)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006710 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a ver...