18 matches found
CVE-2026-54886
The vulnerability CVE-2026-54886 affects Erlang/OTP's SSH server side (ssh_sftpd) and allows an authenticated SFTP client to trigger an infinite loop on a channel by sending SSH_MSG_CHANNEL_EXTENDED_DATA. The handle_data/4 clause tail-calls itself when a non-zero data_type_code arrives with an em...
Linux Distros Unpatched Vulnerability : CVE-2026-53295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference wil...
Important: rclone
Issue Overview: Parsing a malicious font file can cause excessive memory allocation. CVE-2026-33812 An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected user...
CVE-2026-31647
A flaw was found in the Linux kernel's idpf driver. This vulnerability arises from improper nesting of spinlocks during asynchronous Virtual Channel VC handling. An attacker could potentially trigger an invalid wait context, leading to a system crash or denial of service. Mitigation To reduce...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987175)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987175 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel When l2caprecvframe is invoked to receive...
CVE-2023-53472
In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm-hwpwm value is always 0. O...
Russh 安全漏洞
Russh is a Rust SSH client-side and server-side library from the individual developers at Eugene. A security vulnerability exists in Russh 0.54.0 and earlier versions that stems from improper handling of SSH protocol channel window adjustment messages, which could lead to an integer overflow...
CVE-2025-38133
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 chan pointer handling The pointer returned from ad4851parsechannelscommon is incremented internally as each channel is populated. In ad4858parsechannels, the same pointer was further incremented while...
CVE-2025-38133 iio: adc: ad4851: fix ad4858 chan pointer handling
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 chan pointer handling The pointer returned from ad4851parsechannelscommon is incremented internally as each channel is populated. In ad4858parsechannels, the same pointer was further incremented while...
CVE-2022-49909
...
CVE-2024-57991 wifi: rtw89: chan: fix soft lockup in rtw89_entity_recalc_mgnt_roles()
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: chan: fix soft lockup in rtw89entityrecalcmgntroles During rtw89entityrecalcmgntroles, there is a normalizing process which will re-order the list if an entry with target pattern is found. And once one is found, shou...
CVE-2022-49378
In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modparam efxseparatetxchannels=1 is used. In that cases, some channels only have RX queues and others onl...
CVE-2024-47600
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...
OPENSUSE-SU-2023:0022-1 Security update for tor
This update for tor fixes the following issues: tor 0.4.7.13: fix SafeSocks option to avoid DNS leaks boo1207110, TROVE-2022-002 improve congestion control fix relay channel handling tor 0.4.7.12: new key for moria1 new metrics are exported on the MetricsPort for the congestion control subsystem...
CVE-2022-41972 Contiki-NG contains NULL Pointer Dereference in BLE L2CAP module
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject a packet in th...
CVE-2019-1424
A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel, aka 'NetLogon Security Feature Bypass Vulnerability'...
PT-2018-3819 · Freeware +2 · Faad2 +2
Name of the Vulnerable Software and Affected Versions: Freeware Advanced Audio Decoder 2 FAAD2 version 2.8.8 Description: The issue is related to the incorrect handling of a new PS channel in the sbr process channel function of the libfaad/sbr dec.c component of the FAAD2 audio decoder. This allo...
AIX Java Advisory : java_apr2014_advisory.asc
The version of Java SDK installed on the remote host is potentially affected by the following vulnerabilities : - There is an information disclosure flaw in libjpeg and libjpeg-turbo allowing remote attackers access to uninitialized memory via crafted JPEG images. CVE-2013-6629 - A vulnerability ...