Astra Linux - уязвимость в qemu

In QEMU versions up to 5.0.0, an assertion failure can occur during network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could exploit this flaw to terminate the QEMU process on the host, resulting in a denial-of-service condition in...

CVE-2026-8369

CVE-2026-8369 describes an issue in the NAT64 translator of The OpenThread Authors’ OpenThread (affected: OpenThread before commit 26a882d, on all platforms) caused by improper input validation. The vulnerability enables an attacker on an adjacent IPv4 network to inject corrupted IPv6 packets int...

PgBouncer integer overflow in PgBouncer network packet parsing

...

UBUNTU-CVE-2026-6664

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

PgBouncer 输入验证错误漏洞

PgBouncer is an open-source, lightweight connection pool for PostgreSQL developed by the PgBouncer community. Prior to PgBouncer 1.25.2, there was a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows in the network packet parsing code, which allowe...

RHEL 8 : corosync (RHSA-2026:14216)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14216 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

CVE-2026-7375

A flaw was found in Wireshark. A remote attacker could exploit an infinite loop in the UDS Unix Domain Socket protocol dissector by crafting a malicious network packet. This could lead to a denial of service DoS, making the Wireshark application unresponsive and unavailable to users...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis software developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

CVE-2026-31683

A flaw was found in the batman-adv module of the Linux kernel. This vulnerability arises when the Optimized Global Messaging OGM aggregation state is dynamically altered, leading to insufficient buffer space skb tailroom for network packets. A remote attacker could exploit this condition by sendi...

OESA-2026-2014 firebird security update

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, MacOS and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production...

DEBIAN-CVE-2026-31635

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgkverifyresponse decodes authlen from the packet and is supposed to verify that it fits in the remaining bytes. The existing check is inverted, so oversized RESPONSE...

CVE-2026-31517

A flaw was found in the Linux kernel's IP-TFS IP-Transparent Fragmentation Service subsystem. A remote attacker could send specially crafted network packets that, during the reassembly process, cause the kernel to attempt an invalid operation on a network buffer. This improper handling of network...

Anviz CrossChex Standard 安全漏洞

Anviz CrossChex Standard is a centralized control software developed by Anviz Corporation in the United States, used for access control and attendance data management. Anviz CrossChex Standard has a security vulnerability. This vulnerability stems from the lack of source verification in the...

PT-2026-33477

Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an op slice network packet, the server passes an unprepared structure containing a null pointer to the SDL info function, resulting in a null pointer dereference...

CVE-2026-39863

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted data packet sent over TCP. The...

EUVD-2026-8876

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...