smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)

...

swift-nio-http2 affected by HTTP/2 MadeYouReset vulnerability

The HTTP/2 MadeYouReset vulnerability has a mild effect on swift-nio-http2. swift-nio-http2 mostly protects against MadeYouReset by using a number of existing denial-of-service prevention patterns that we added in response to the RapidReset vulnerabilities. The result is that servers are not...

CVE-2024-25622

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes e.g., path level are expected to inherit t...

Linux Distros Unpatched Vulnerability : CVE-2022-48827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d NFS: Always provide aligned buffers to the RPC read layers on the...

CVE-2024-25622

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes e.g., path level are expected to inherit t...

CVE-2024-25622

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes e.g., path level are expected to inherit t...

CVE-2024-25622 H2O ignores headers configuration directives

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The configuration file of h2o has scopes, and the inner scopes e.g., path level are expected to inherit t...

CVE-2021-37845

Removed by vendor...

Nessus 安全漏洞

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. Nessus suffers from a security vulnerability that arises from the ability of an authenticated attacker to modify client behavior to bypass protection mechanisms that could lead to...

CVE-2021-22999

On versions 15.0.x before 15.1.0 and 14.1.x before 14.1.4, the BIG-IP system provides an option to connect HTTP/2 clients to HTTP/1.x servers. When a client is slow to accept responses and it closes a connection prematurely, the BIG-IP system may indefinitely retain some streams unclosed. Note:...

DNS Encryption at DNS OARC 32

The DNS DNS Operations, Analysis, and Research Center DNS OARC is an organization that, in their own words, works to "improve the security, stability, and understanding of the Internet's DNS infrastructure." They hold regular workshops where deployment experts, software developers, researchers, a...

A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack

Keepalive thread overload/DoS Impact A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the...

GHSA-7XX3-M584-X994 A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack

Keepalive thread overload/DoS Impact A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the...

Best Practices for Ultra-Low Latency Streaming Using Chunked-Encoded and Chunk-Transferred CMAF

Over the last 15 years, live streaming services have grown from novelties & experiments in to profitable businesses serving an ever-growing cohort of cord-cutters and cord-nevers. Initial streaming implementations mimicked the workflows of the broadcast world, using custom servers to deliver...

Low: openssh security and bug fix update

3.9p1-8.RHEL4.20 - CVE-2006-5794 properly detect failed key verify in monitor 214640 3.9p1-8.RHEL4.19 - add support for hashed knownhosts file 162681 3.9p1-8.RHEL4.18 - fixed client behaviour when remote program generates large output 184357 - don't report duplicate syslog messages, use correct...