3782 matches found
CVE-2025-56568
Open5GS contains an assertion-failure vulnerability in the PCO (Protocol Configuration Options) parser of the SMF (Session Management Function) component, affecting versions prior to 2.7.5. Remote attackers can trigger a denial-of-service by sending specially crafted NGAP messages with malformed ...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: nghttp2 (UTSA-2026-014315)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014315 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when use...
GHSA-J99G-7RQW-Q9JG nimiq-blockchain: Peer-triggerable panic during history sync
Impact HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During history sync, a peer can influence the history: &HistoricTransaction input passed into...
CLSA-2025-1758636652 openldap: Fix of 14 CVEs
Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...
SUSE SLES15 Security Update : glibc-livepatches (SUSE-SU-2026:1501-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1501-1 advisory. This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an...
SUSE SLES15 Security Update : glibc-livepatches (SUSE-SU-2026:1498-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1498-1 advisory. This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an...
JLSEC-2026-161
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability...
Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issue: CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2026:1501-1 Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209...
Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issue: CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2026:1498-1 Security update for glibc-livepatches
This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : nghttp2 (SUSE-SU-2026:1350-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1350-1 advisory. This update for nghttp2 fixes the following issue: - CVE-2026-27135: assertion failure due to missing sta...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
A flaw was found in nghttp2. Due to missing internal state validation, the library continues to process incoming data even after a session has been terminated. A remote attacker could exploit this by sending a specially crafted HTTP/2 frame, leading to an assertion failure and a denial of service...