19 matches found
Astra Linux - vulnerability in tomcat9
Apache Tomcat versions 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43, and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop, resulting in a denial of...
Oracle Linux 10 : postgresql16 (ELSA-2026-0525)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0525 advisory. 16.11-1.0.1 - Replace upstream reference Orabug: 37044148 16.11-1 - Update to 16.11 16.10-3 - Add tmpfiles.d configuration for PostgreSQL 16 - Ensures proper...
Security update for iperf
This update for iperf fixes the following issues: Update to 3.18 bsc1234705, CVE-2024-53580: SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. CVE-2024-53580 This has now been fixed. PR1810 UDP packets...
openSUSE Security Advisory (SUSE-SU-2024:3076-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
dotnet: Denial of Service in X509Certificate2
A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafte...
dotnet: Denial of Service in X509Certificate2
A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafte...
dotnet: Denial of Service in X509Certificate2
A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafte...
dotnet: Denial of Service in X509Certificate2
A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafte...
CVE-2024-21404
A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafte...
SUSE-SU-2023:2046-1 Security update for openssl-ibmca
This update for openssl-ibmca fixes the following issues: Upgraded openssl-ibmca to version 2.4.0 bsc1210058 - Provider: Adjustments for OpenSSL versions 3.1 and 3.2 - Provider: Support RSA blinding - Provider: Constant-time fixes for RSA PKCS1 v1.5 and OAEP padding - Provider: Support 'implicit...
DEBIAN-CVE-2021-26530
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 compiled with OpenSSL support is vulnerable to remote OOB write attack via connection request after exhausting memory pool...
CVE-2021-26530
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 compiled with OpenSSL support is vulnerable to remote OOB write attack via connection request after exhausting memory pool...
OPENSUSE-SU-2020:2129-1 Security update for libssh2_org
This update for libssh2_org fixes the following issues: - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes: adds ECDSA keys and host key support when using OpenSSL adds ED25519 key and host key support when using OpenSSL 1.1.1 adds OpenSSH style key file reading adds AES...
SUSE-SU-2020:3551-1 Security update for libssh2_org
This update for libssh2_org fixes the following issues: - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes: adds ECDSA keys and host key support when using OpenSSL adds ED25519 key and host key support when using OpenSSL 1.1.1 adds OpenSSH style key file reading adds AES...
OPENSUSE-SU-2020:0031-1 Security update for proftpd
This update for proftpd fixes the following issues: GeoIP has been discontinued by Maxmind boo1156210 This update removes module build for geoip see https://support.maxmind.com/geolite-legacy-discontinuation-notice/ - CVE-2019-19269: Fixed a NULL pointer dereference may occur when validating the...
PYSEC-2017-98
Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the library with those configurations at risk of man-in-the-middle and information leakage attacks. Thi...
Network Time Protocol Daemon (ntpd) 4.x < 4.2.4p7 / 4.x < 4.2.5p74 crypto_recv() Function RCE
The version of the remote NTP server is 4.x prior to 4.2.4p7 or 4.x prior to 4.2.5p74. It is, therefore, affected by a stack-based buffer overflow condition due to the use of sprintf in the crypto_recv function in ntpd/ntp_crypto.c. An unauthenticated, remote attacker can exploit this to cause a...
Pre-auth buffer-overflow in mySQL through yaSSL
The following is a proof-of-concept for testing the buffer-overflow which affects yaSSL = 1.7.5 on mySQL servers, any version, included the latest 6.0.3: http://aluigi.org/poc/mysqlo.zip The vulnerability is exploitable before authentication so the only requirements for testing it are the usage o...
SIGCHLD problem in Stunnel
Date: Sun, 12 Jan 2003 16:57:02 +0100 From: Michal Trojnara [email protected] To: [email protected], [email protected], [email protected] Subject: Stunnel 4.04 released -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Version 4.04, 2003.01.12, urgency: MEDIUM: New feature...