waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recvbytes, which defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default, Waitress won't read any more requests, and when th...

OESA-2025-1099 binutils security update

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

SUSE CVE-2025-0840

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2025-0662

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

AZL-56099 CVE-2025-0840 affecting package binutils for versions less than 2.41-4

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

AZL-56103 CVE-2025-0840 affecting package binutils for versions less than 2.37-11

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2025-0840 GNU Binutils objdump.c disassemble_bytes stack-based overflow

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

vsock: Update rx_bytes on read_skb()

...

PT-2025-3998 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The ktrace facility logs the contents of kernel structures to userspace. In one case, ktrace dumps a variable-sized sockaddr to userspace, copying the full sockaddr even when it is shorter...

The vulnerability of the functions ss_net_snmp_disk_io() and ss_net_snmp_disk_bytes() in the Cacti network monitoring software allows a attacker to execute arbitrary code.

The vulnerability of the ssnetsnmpdiskio and ssnetsnmpdiskbytes functions of the Cacti network monitoring software is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...

FreeBSD -- Uninitialized kernel memory disclosure via ktrace(2)

Problem Description: In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openvpn (SUSE-SU-2025:0278-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0278-1 advisory. - CVE-2024-5594: Fixed wrong handling of null bytes and invalid characters in control messages bsc1235147...

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed wrong handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVE-2024-57923

In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...

BIT-PHP-MIN-2020-7069 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...

CVE-2024-42180

HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute malicious files...

CVE-2024-42180

CVE-2024-42180 affects HCL DRYiCE MyXalytics (HCL MyXalytics). The vulnerability is a malicious file upload issue where the application accepts invalid uploads (wrong content types, double extensions, null bytes, and special characters), enabling an attacker to upload and potentially execute mali...

CLSA-2025-1736284126 haproxy: Fix of CVE-2023-0836

CVE-2023-0836: Fix information leak vulnerability in connection buffer by initializing 5 bytes in FCGIBEGINREQUEST record encoding...

PT-2025-40348

Name of the Vulnerable Software and Affected Versions Chromium affected versions not specified Description A use-after-free condition exists in V8 when evaluating the compile-time options parameter, which detaches the ArrayBuffer holding the wire bytes. This issue was reported by Google Big Sleep...