84 matches found
CVE-2026-27859
A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...
MiracleLinux 8 : dovecot-2.3.8-9.el8 (AXSA:2021-2023:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2023:02 advisory. dovecot: IMAP hibernation function allows mail access CVE-2020-24386 dovecot: Denial of service via mail MIME parsing CVE-2020-25275 Tenable has...
MiracleLinux 8 : pcs-0.10.15-4.el8.1.ML.1 (AXSA:2023-6169:12)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6169:12 advisory. rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 rubygem-rack: denial of service in header parsing CVE-2023-27539 Tenable ha...
Security update for go1.25
This update for go1.25 fixes the following issues: go1.25.5 released 2025-12-02 includes two security fixes to the crypto/x509 package, as well as bug fixes to the mime and os packages. bsc1244485 CVE-2025-61729 CVE-2025-61727: go76461 go76445 bsc1254431 security: fix CVE-2025-61729 crypto/x509:...
EUVD-2025-34664
Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of the HTTP header are...
CVE-2025-20360
CVE-2025-20360 affects multiple Cisco products via the Snort 3 HTTP Decoder. The root cause is incomplete error checking when parsing MIME fields in HTTP headers, leading to a DoS where the Snort 3 Detection Engine restarts after processing crafted HTTP packets. Exploitation requires an unauthent...
EUVD-2019-6858
Malware in sbrugna...
TencentOS Server 4: pcs (TSSA-2024:1001)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1001 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Ubuntu: Security Advisory (USN-6905-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Rack vulnerabilities (USN-6905-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6905-1 advisory. It was discovered that Rack incorrectly handled certain regular expressions. A remote attacker could...
RHEL 7 : rubygem-rack (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 - A possible denial of service...
CentOS 8 : pcs (CESA-2023:3082)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:3082 advisory. - A DoS vulnerability exists in Rack v3.0.4.2, v2.2.6.3, v2.1.4.3 and v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attack...
Important: thunderbird
Issue Overview: The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch...
Moderate: Red Hat Security Advisory: pcs security and bug fix update
An update for pcs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Oracle Linux 8 : pcs (ELSA-2023-3082)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3082 advisory. 0.10.15-4.0.1.el88.1 - Replace HAM-logo.png with a generic one 0.10.15-4.el88.1 - Fix displaying differences between configuration checkpoints in pcs...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2023:2294-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2294-1 advisory. Updated to version 2.13: - CVE-2023-28120: Fixed a potential XSS issue in an embedded dependency bsc1209507. - CVE-2023-27530: Fixe...
pcs security and bug fix update
An update is available for pcs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The pcs packages provide a command-line configuration system for the Pacemaker an...
golang: net/http, net/textproto: denial of service from excessive memory allocation
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service...
AlmaLinux 8 : pcs (ALSA-2023:3082)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3082 advisory. - A DoS vulnerability exists in Rack v3.0.4.2, v2.2.6.3, v2.1.4.3 and v2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker ...
pcs security and bug fix update
An update is available for pcs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The pcs packages provide a command-line configuration system for the Pacemaker an...