Wireshark 安全漏洞

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in Wireshark versions 4.6.0 through 4.6.2, which stems from an...

MiracleLinux 4 : wireshark-1.2.15-2.AXS4.1 (AXSA:2012-539:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-539:02 advisory. Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library,...

PT-2026-2953

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.2 Description An infinite loop in the HTTP3 protocol dissector can lead to a denial of service. Recommendations Update to a newer version that contains a fix for this vulnerability...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: f2fs: A infinite loop has been fixed in insertextenttree. When incorrect extent information is received, and extentnode is looked up in the RB tree, it can lead to an infinite loop CONFIGF2FSCHECKFS=n. To avoid this issue, a NULL...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘ipmi: fix msg stack when IPMI is disconnected’” This fix reverts to the previous behavior with the commit number c608966f3f9c2dca596967501d00753282b395fc. This patch contains a minor bug that can cause the IPMI driver to...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: erofs: Avoid infinite loops due to incomplete zstd-compressed data. Currently, the decompression logic incorrectly processes compressed data if the data is truncated in crafted deliberately corrupted images...

ROS-20260113-7386

A vulnerability in the components ipv6routeupdatesoftlockup.sh, Makefile, route.c, ip6fib.c of the Linux kernel is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 9 : python3.9-3.9.21-2.el9_6.2 (AXSA:2025-10822:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10822:03 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : python-2.7.5-94.0.5.el7.AXS7 (AXSA:2025-11503:37)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11503:37 advisory. CVE-2025-8194: fix infinite loop and deadlock in TarFile extraction and entry enumeration APIs CVEs: CVE-2025-8194 There is a defect in the CPython tarfile...

MiracleLinux 9 : python3.12-3.12.9-1.el9_6.2 (AXSA:2025-10825:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10825:11 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : git-lfs-3.6.1-1.el9 (AXSA:2025-10212:04)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10212:04 advisory. golang: crypto/tls: panic when processing post-handshake message on QUIC connections CVE-2023-39321 golang: crypto/tls: lack of a limit on buffered...

MiracleLinux 8 : python39:3.9 (AXSA:2025-10818:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10818:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 cpython: Cpython infinite loop when parsing a tarfile...

MiracleLinux 8 : python3.12-3.12.11-2.el8_10 (AXSA:2025-10803:10)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10803:10 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : python3-3.6.8-21.0.5.0.1.el7.AXS7 (AXSA:2025-11016:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11016:07 advisory. Bump package Release to 21.0.5 CVE-2025-8194: tarfile: validate archives to ensure member offsets are non-negative CVEs: CVE-2025-8194 There is a defect in...

CLSA-2026-1768210495 cups-filters: Fix of CVE-2025-64524

CVE-2025-64524: fix heap buffer overflow and infinite loop in rastertopclx when processing maliciously crafted raster input...

ROS-20260112-7353

A vulnerability in the mcp251xfdopen function of the drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c module of the Linux kernel is related to the execution of a loop with an unreachable exit condition "Infinite loop". Exploitation of the vulnerability could allow an attacker to cause a denial of...

CVE-2021-27565

The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service infinite loop and networking outage via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbsloop debugger hook...

CVE-2021-28667

StackStorm before 3.4.1, in some situations, has an infinite loop that consumes all available memory and disk space. This can occur if Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data from an action or rule name...

CVE-2021-31400

An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...

CVE-2022-37768

libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame::ParseTrailer...