
18 matches found

EUVD
added 2026/04/14 6:30 p.m. · 2 views

EUVD-2026-22599

Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...

5.5 CVSS · 5.7 AI score · 0.00048 EPSS
Exploits 0 · References 2

RedhatCVE
added 2026/04/02 4:43 p.m. · 0 views

CVE-2026-31937

A flaw was found in Suricata, a network intrusion detection, prevention, and security monitoring engine. A remote attacker could exploit an inefficiency in the Distributed Computing Environment/Remote Procedure Call (DCERPC) buffering mechanism. This could lead to a denial of service (DoS) due to...

7.5 CVSS · 5.8 AI score · 0.00018 EPSS
Exploits 0 · References 5

Tenable Nessus
added 2026/01/30 12:0 a.m. · 3 views

AlmaLinux 9 : python3.11 (ALSA-2026:1410)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1410 advisory. cpython: Excessive read buffering DoS in http.client (CVE-2025-13836); cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of...

7.5 CVSS · 7.3 AI score · 0.00215 EPSS
Exploits 0 · References 4

Vulnrichment
added 2026/01/27 4:17 p.m. · 2 views

CVE-2026-22258 Suricata DCERPC: unbounded fragment buffering leads to memory exhaustion

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

7.5 CVSS · 6 AI score · 0.00088 EPSS
Exploits 0 · References 4

OSV
added 2025/11/12 12:0 a.m. · 2 views

ALSA-2025:21139 Important: python-kdcproxy security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.6 CVSS · 6.6 AI score · 0.00076 EPSS
Exploits 0 · References 6

RedHat Linux
added 2025/11/10 1:37 a.m. · 1 views

rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)

A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble in memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service...

7.5 CVSS · 6.8 AI score · 0.00266 EPSS
Exploits 0 · References 8

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2007-1782

Malware in sbrugna...

6.8 CVSS · 6.2 AI score · 0.00144 EPSS
Exploits 0 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2009-5083

Malware in sbrugna...

5 CVSS · 6.4 AI score · 0.00436 EPSS
Exploits 0 · References 2

RedHat Linux
added 2024/12/12 8:56 a.m. · 93 views

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.7 CVSS · 7 AI score · 0.00249 EPSS
Exploits 0 · References 3

RedHat Linux
added 2024/12/12 8:42 a.m. · 14 views

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.7 CVSS · 7 AI score · 0.00249 EPSS
Exploits 0 · References 3

RedHat Linux
added 2022/02/14 1:6 p.m. · 2 views

netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way

A flaw was found in Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service...

7.5 CVSS · 7.3 AI score · 0.02383 EPSS
Exploits 0 · References 5

CNNVD
added 2021/12/14 12:0 a.m. · 2 views

Siemens Jt2go Buffer Error Vulnerability

JT2Go is a 3D JT viewing tool. Teamcenter visualization software enables organizations to enhance their product lifecycle management (PLM) environments with a comprehensive family of visualization solutions. The software allows business users to access documents, 2D drawings and 3D models in a sing...

7.8 CVSS · 6 AI score · 0.00405 EPSS
Exploits 0 · References 6

CNNVD
added 2021/12/14 12:0 a.m. · 2 views

Siemens JT Utilities Buffer Error Vulnerability

JT is a publicly released data format developed by Siemens Digital Industry Software. JT Open Toolkit (also known as JTTK) is a developer-oriented application programming interface (API) for JT-enabled software. JT Open Toolkit is a read and write toolkit. JT Utilities and JTTK file parsing vulnerabilities. A...

7.8 CVSS · 6.1 AI score · 0.00418 EPSS
Exploits 0 · References 3

CNNVD
added 2021/12/07 12:0 a.m. · 1 views

Huawei Smartphone Buffer Error Vulnerability

Huawei EMUI is a mobile operating system developed on Android. Magic UI is a mobile operating system developed on Android. An incorrect authentication vulnerability exists in Huawei EMUI and Magic UI. An attacker can exploit this vulnerability to cause out-of-bounds reads...

9.1 CVSS · 6 AI score · 0.00205 EPSS
Exploits 0 · References 2

CNNVD
added 2021/07/21 12:0 a.m. · 3 views

GPAC Buffer Error Vulnerability

GPAC is an open source multimedia framework. Versions prior to GPAC 0.8.0 have security vulnerabilities that can be exploited by attackers to cause a denial of service via a crafted MP4 file...

5.5 CVSS · 7.8 AI score · 0.00269 EPSS
Exploits 1 · References 5

Cvelist
added 2021/05/10 1:19 p.m. · 20 views

CVE-2021-23011

On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, when the BIG-IP system is buffering packet fragments for reassembly, the Traffic Management Microkernel (TMM) may consume an excessive amount of...

7.7 AI score · 0.00647 EPSS
Exploits 0 · References 1

Mageia
added 2020/09/15 11:45 a.m. · 29 views

Updated libetpan packages fix a security vulnerability

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a meddler-in-the-middle attacker) and evaluates it in a TLS...

7.4 CVSS · 2.1 AI score · 0.0063 EPSS
Exploits 1 · References 3

Positive Technologies
added 2020/07/27 12:0 a.m. · 1 views

PT-2020-14734 · Unknown +4 · Mailcore 2 +4

Name of the Vulnerable Software and Affected Versions: LibEtPan versions 1.9.4 and earlier; MailCore 2 versions 0.6.3 and earlier. Description: The issue affects IMAP, SMTP, and POP3 protocols due to a STARTTLS buffering problem. When a server sends a "begin TLS" response, the client reads addition...

7.4 CVSS · 6.1 AI score · 0.0063 EPSS
Exploits 2 · References 42