1683 matches found
GHSA-HGRR-935X-PQ79 Apache Tomcat Vulnerable to Improper Resource Shutdown or Release
If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and...
CVE-2025-61795
Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to...
CVE-2025-61795
Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to...
CVE-2025-61795 Apache Tomcat: Delayed cleaning of multi-part upload temporary files may lead to DoS
Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to...
CVE-2025-61795 Apache Tomcat: Delayed cleaning of multi-part upload temporary files may lead to DoS
Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to...
CVE-2025-61795
CVE-2025-61795 is an Apache Tomcat DoS due to improper resource shutdown: when processing multipart uploads, temporary parts on disk may not be cleaned promptly, allowing resource exhaustion. Affects Tomcat 11.x (11.0.0-M1–11.0.11), 10.x (10.1.0-M1–10.1.46), and 9.x (9.0.0.M1–9.0.109); EOL 8.5.x ...
Siemens SIMATIC Devices Use After Free (CVE-2024-27397)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
NewStart CGSL MAIN 7.02 : firefox Vulnerability (NS-SA-2025-0245)
The remote NewStart CGSL host, running version MAIN 7.02, has firefox packages installed that are affected by a vulnerability: - If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox 127, Firefox...
EUVD-2022-54869
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987687)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987687 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on iextraisize in isalive syzbot found a f2fs bug: BUG: KASAN:...
PT-2025-49086
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s xfrm subsystem where the xfrm state delete tunnel function is not consistently called for states that were initialized but never fully added. This can...
CVE-2025-62515 Remote Code Execution by Pickle Deserialization via FlightServer in pyquokka
pyquokka is a framework for making data lakes work for time series. In versions 0.3.1 and prior, the FlightServer class directly uses pickle.loads to deserialize action bodies received from Flight clients without any sanitization or validation in the doaction method. The vulnerable code is locate...
Mailpit -- Performance information disclosure
Ralph Slooten Mailpit developer reports: An HTTP endpoint was found which exposed expvar runtime information memory usage, goroutine counts, GC behavior, uptime and potential runtime flags due to the Prometheus client library dependency...
Use After Free
Redis is vulnerable to a Use-after-free in. The vulnerability is due to improper memory handling in the Lua garbage collector due to crafted Lua scripts, and attackers can exploit this by executing malicious EVAL or EVALSHA commands...
FreeBSD : Mozilla -- Incorrect boundary conditions (f60c790a-a394-11f0-9617-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f60c790a-a394-11f0-9617-b42e991fc52e advisory. [email protected] reports: The vulnerability has been assessed to have moderate impact on affected...
EUVD-2014-5149
Malware in sbrugna...
EUVD-2010-4222
Malware in sbrugna...
EUVD-2013-5441
Malware in sbrugna...
EUVD-2013-1765
Malware in sbrugna...
EUVD-2019-13494
Malware in sbrugna...