264 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fixed the check on the return value of copytoiter. The return value of copytoiter cannot be negative; instead of checking for negative values, we should check whether the copied length is equal to the requested...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in the struct vhosttask. The vhosttaskcreate function creates a task and maintains a reference to its taskstruct. This task may exit early due to a signal, and its taskstruct will be released. ...
libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)
A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000302 advisory. A flaw was found in the Linux kernel's handlerx function in the vhostnet driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds...
[SECURITY] Fedora 42 Update: nginx-mod-vts-0.2.4-4.fc42
Nginx virtual host traffic status module...
CVE-2022-50851 vhost_vdpa: fix the crash in unmap a large memory
In the Linux kernel, the following vulnerability has been resolved: vhostvdpa: fix the crash in unmap a large memory While testing in vIOMMU, sometimes Guest will unmap very large memory, which will cause the crash. To fix this, add a new function vhostvdpageneralunmap. This function will only...
CVE-2022-50738
Technical details for CVE-2022-50738 are not publicly provided in the supplied documents. Monitor for updates from kernel/vhost-vdpa patches and related advisories.
[SECURITY] Fedora 42 Update: gobuster-3.8.2-2.fc42
Directory/File, DNS and VHost busting tool written in Go...
[SECURITY] Fedora 43 Update: gobuster-3.8.2-1.fc43
Directory/File, DNS and VHost busting tool written in Go...
CVE-2025-14523
CVE-2025-14523 – libsoup Host header handling issue A flaw in libsoup’s HTTP header handling allows multiple Host headers in a single request, with the backend reading the last occurrence. This mismatch between proxies (first Host header honored) and backend processing can enable request-smugglin...
CVE-2025-14523 Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)
A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...
Fixed in Apache Tomcat 11.0.15
Low: Security constraint bypass CVE-2026-24733 Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a specification invalid HEAD...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43883)
usb: vhci-hcd: vulnerability due to the vhci-hcd driver dropping references before new ones were gained, potentially leading to the use of stale pointers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early The creation of debugfs files is moved to a dedicated function, and it is ensured that these files are explicitly removed during vhcirelease, before the...
vhost: Take a reference on the task in struct vhost_task.
...
EUVD-2001-1365
Malware in sbrugna...
EUVD-2014-3580
Malware in sbrugna...
EUVD-2023-58930
Malicious code in bioql PyPI...
EUVD-2021-30370
Malicious code in bioql PyPI...
EUVD-2025-30339
Malicious code in bioql PyPI...