SUSE CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Potential out-of-bounds reads in processmessageheader have been prevented. If the message frame is maliciously corrupted in such a way that the length of the control segment becomes shorter than the size of the message...

CVE-2026-47323

Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy implementations CxfRsHeaderFilterStrategy in camel-cxf-rest, CxfHeaderFilterStrategy in camel-cxf-transport, and KnativeHttpHeaderFilterStrategy in camel-knative-http only...

EUVD-2026-28712

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

UBUNTU-CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

CVE-2026-43406 libceph: prevent potential out-of-bounds reads in process_message_header()

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

CVE-2026-43406

CVE-2026-43406 affects the Linux kernel libceph component. The issue is in process_message_header() where, if a message frame is corrupted or misrepresented, an out-of-bounds read may occur due to a missing explicit bounds check before decoding the header. The vulnerability can enable remote expl...

Linux Distros Unpatched Vulnerability : CVE-2026-43406

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control...

PT-2026-39067

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libceph component where out-of-bounds reads can occur within the process message header function. This happens if a message frame is corrupted, causing the control...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks on message frames in the processmessageheader function, potentially...

PT-2026-38399

Name of the Vulnerable Software and Affected Versions Netty affected versions not specified Description Resource exhaustion occurs because the MQTT 5 header Properties section is parsed and buffered before any message size limit is applied. In the MqttDecoder class, the decodeVariableHeader...

UBUNTU-CVE-2026-28780

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to modproxyajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This issue...

CVE-2026-35547

CVE-2026-35547 affects the libnv library. Description: processing the header of an incoming message may fail to validate message size, allowing writing outside a heap allocation. Impact per sources: crash/system panic and potential privilege escalation for unprivileged users. Affected products in...

FreeBSD : FreeBSD -- Heap overflow in libnv (c3a9c5a6-4435-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c3a9c5a6-4435-11f1-bb07-bc241121aa0a advisory. When processing the header of an incoming message, libnv failed to properly validate the message size...

FreeBSD -- Heap overflow in libnv

Problem Description: When processing the header of an incoming message, libnv failed to properly validate the message size. Impact: The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible...

CVE-2026-39971 Serendipity: Host Header Injection leads to SMTP header injection via unvalidated HTTP_HOST

Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the email sending functionality in include/functions.inc.php inserts $SERVER'HTTPHOST' directly into the Message-ID SMTP header without validation, and the existing sanitization function serendipityisResponseClean is not...

CVE-2026-23243

In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative datalen in ibumadwrite ibumadwrite computes datalen from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, datalen can become negative and...