41 matches found
Astra Linux - vulnerability in qemu
A flaw was discovered in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can result in the callback being fired later, thereby causing a use-after-free when using the channel. This vulnerability can be exploited by a malicious...
PT-2026-40389
Name of the Vulnerable Software and Affected Versions: Archon OS (affected versions not specified). Description: A flaw in the local API handling allows unauthenticated attackers to perform a web-to-client attack. By inducing a user to visit a malicious website, an attacker can bypass Cross-Origin...
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...
CLSA-2026-1768210674 Fix CVE(s): CVE-2025-58436
SECURITY UPDATE: Possible DoS attack caused by a slow client communication - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client - CVE-2025-58436...
Oracle Linux 9 : cups (ELSA-2026-0312)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0312 advisory. - RHEL-129746 CVE-2025-58436 cups: Slow client communication leads to a possible DoS attack Tenable has extracted the preceding description block...
Linux Distros Unpatched Vulnerability : CVE-2025-58436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd bu...
Security update for cups
This update for cups fixes the following issues: CVE-2025-61915: Fixed a local denial-of-service via cupsd.conf update and related issues. bsc1253783 CVE-2025-58436: Fixed an issue where a slow client communication leads to a possible DoS attack. bsc1244057 Patch Instructions: To install this SUS...
EUVD-2002-1212
Malware in sbrugna...
EUVD-2020-4919
Malware in sbrugna...
EUVD-2021-15321
Malware in sbrugna...
EUVD-2019-3446
Malware in sbrugna...
EUVD-2021-27679
Malicious code in bioql PyPI...
EUVD-2022-5730
Malicious code in bioql PyPI...
EUVD-2023-30349
Malicious code in bioql PyPI...
PT-2025-39292
Name of the Vulnerable Software and Affected Versions: Cisco Access Point Software (affected versions not specified). Description: A flaw exists in the IPv6 Router Advertisement (RA) packet processing that could allow an unauthenticated, adjacent attacker to modify the IPv6 gateway on an affected device...
CVE-2023-39930
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...
CVE-2020-25854
The function DecWPA2KeyData in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an internal function, rtarc4cryptveneer or AESUnWRAPveneer, resulting in a stack buffer overflow which can be exploited for...
CVE-2020-15604
An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 v15 consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one...
CVE-2025-32914
CVE-2025-32914 affects libsoup and is described across multiple advisories (e.g., Rocky Linux, AlmaLinux/ALAS, Amazon Linux). The flaw is an out-of-bounds read in soup_multipart_new_from_message() in libsoup (soup-multipart.c), which can cause a crash or Denial of Service when processing certain ...
CVE-2025-26466 Openssh: denial-of-service in openssh
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...