[SECURITY] Fedora 42 Update: libssh-0.11.3-1.fc42

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

CVE-2025-45587

CVE-2025-45587 describes a stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 that allows attackers to cause a Denial of Service (DoS) via a crafted input. Affected component is the FTP service; root cause is a stack overflow. Documented impact: availability impact h...

CVE-2025-45583

Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...

PT-2025-37351

Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 Description: A stack overflow in the FTP service allows attackers to cause a Denial of Service DoS via a crafted input. Recommendations: At the moment, there is no information about a newer version...

Audi UTR 2.0 安全漏洞

Audi UTR 2.0 is an in-vehicle car recording system from Audi Germany. A security vulnerability exists in Audi UTR 2.0 that originates from a stack overflow in the FTP service, which could lead to a denial of service attack...

Audi UTR 2.0 安全漏洞

Audi UTR 2.0 is an in-vehicle car recording system from Audi Germany. A security vulnerability exists in Audi UTR 2.0, which originates from improper access control of the FTP protocol, which allows an attacker to authenticate using any combination of username and password...

CVE-2025-45583

CVE-2025-45583 affects Audi UTR 2.0 Universal Traffic Recorder 2.0. The vulnerability is an improper access control in the FTP protocol that allows an attacker to authenticate to the service using any username/password combination. CVSS metrics in the provided records indicate a CRITICAL base sco...

WordPress WP Import plugin unauthorized access vulnerability

WordPress WP Import plugin is a plugin for batch importing and exporting WordPress data, supports multiple file formats such as CSV, XML, JSON, etc., and can handle posts, pages, comments, users and other data. WordPress WP Import plugin has an unauthorized access vulnerability that stems from a...

PT-2025-37347

Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 affected versions not specified Description: An incorrect access control issue exists in the FTP protocol. This allows attackers to authenticate to the service using any combination of username and...

CVE-2025-48040

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

AZL-67278 CVE-2025-48040 affecting package erlang for versions less than 25.3.2.21-4

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

AZL-67124 CVE-2025-48041 affecting package erlang for versions less than 26.2.5.15-1

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

AZL-67118 CVE-2025-48038 affecting package erlang for versions less than 25.3.2.21-4

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

UBUNTU-CVE-2025-48039

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

UBUNTU-CVE-2025-48040

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

CVE-2025-48041 SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

CVE-2025-48040

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

CVE-2025-48040 Malicious Key Exchange Messages may Lead to Excessive Resource Consumption

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

CVE-2025-48039

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

CVE-2025-48039

CVE-2025-48039 affects Erlang OTP ssh_sftp module (lib/ssh/src/ssh_sftpd.erl) and can cause excessive resource consumption due to unverified paths from authenticated SFTP users. Public disclosures link multiple Linux distro advisories updating Erlang (e.g., openSUSE/SUSE SUSE-SU-2026:20043-1, SUS...