bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API Generic Security Service Application Program Interface tokens. This can lead to excessive memory consumption,...

openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables

A flaw was found in the OpenSSH GSSAPI Generic Security Service Application Program Interface delta patches, as included in various Linux distributions. A remote attacker could exploit this by sending an unexpected GSSAPI message type during the key exchange process. This occurs because the...

CVE-2025-43782

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.7, 2024.Q1.1 through 2024.Q1.12, and 7.4 GA through update 92 allows remote authenticated users to access a workflow definition by name via the API...

CVE-2024-6119

Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of...

CVE-2022-35264

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...

Unspecified vulnerability in 101 applications

101 is an application program . Provides a JS util library. A security vulnerability exists in 101 versions 1.0.0 through 1.6.3, which can be exploited by an attacker to cause a denial of service and potentially lead to remote code execution...

klibc input validation error vulnerability (CNVD-2021-54000)

klibc is an application program. Provides the ability to work from kernel space as early as possible. klibc versions prior to 2.0.9 are vulnerable to an input validation error, which stems from multiple possible integer overflows in the cpio command on 32-bit systems that could lead to buffer...

SYS.2.3.A2

Auf Grundlage der Sicherheitsanforderungen und des Einsatzzwecks MUSS ein geeignetes Unix-Derivat bzw. eine geeignete Linux-Distribution ausgewaehlt werden. Es MUSS fuer die geplante Einsatzdauer des Betriebssystems Support verfuegbar sein. Alle benoetigten Anwendungsprogramme SOLLTEN als Teil de...

CVE-2016-4860

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a 1 stop application program, 2 change value, or 3 modify application command...