4755 matches found
[SECURITY] Fedora 44 Update: nginx-1.30.3-1.fc44
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
[SECURITY] Fedora 43 Update: nginx-1.30.3-1.fc43
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
CVE-2026-56766
Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...
EUVD-2026-39515
Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...
Astra Linux – Vulnerability in curl
When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3, or SMTP scheme, curl may incorrectly pass the bearer token to the new target host...
Important: kernel6.18
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey CVE-2026-45838 In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec...
Astra Linux – Vulnerability in Linux
A issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even when sent in plaintext and process them as fully unfragmented frames. An adversary can exploit this vulnerability to inject arbitrary...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Serialization. The supported versions affected by this vulnerability include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This...
Astra Linux – Vulnerability in Firefox
Using a redirect embedded in sourceMappingUrls may allow navigation to external protocol links within sandboxed iframes, without the requirement of allow-top-navigation-to-custom-protocols. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. The supported versions affected by this vulnerability are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5, and 22.3.1...
Astra Linux – Vulnerability in curl
A poorly protected credentials vulnerability exists in curl 4.9, and versions including curl 7.82.0 are also affected. This vulnerability could allow attackers to extract credentials when using HTTPS redirections with authentication. As a result, credentials may be leaked to other services that...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of the tcpbpfprots when cloning a listener. A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. This variant depends on the...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability include Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0....
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. The supported versions affected by this vulnerability are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. The vulnerability is difficult t...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: assert requested protocol is valid The protocol is used in a bit mask to determine whether the protocol is supported. It is asserted that the provided protocol is less than the maximum value defined, thereby avoiding...
Astra Linux – Vulnerability in Firefox and Thunderbird
Malicious websites could have caused Firefox to display the wrong origin when requesting the launch of a program and handling an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Astra Linux – Vulnerability in curl
There is an improper authentication vulnerability in curl versions 7.33.0 through and including 7.82.0. This vulnerability may allow for the reuse of OAUTH2-authenticated connections without ensuring that the connection was authentically verified with the same credentials used for this transfer...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: ImageIO. The supported versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable vulnerabili...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JAXP. The supported versions affected by this vulnerability include Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK:...
Astra Linux – Vulnerability in Firefox and Thunderbird
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...