
88 matches found

NVD
added 2026/05/25 3:16 p.m. | 5 views

CVE-2026-47073

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The WebSocket client in src/hackneyws.erl imposes no upper bound on memory consumption in three code paths. First, readhandshakeresponse/3 accumulates received bytes into a growing buffer with n...

8.7 CVSS | 0.00153 EPSS
Exploits 1 | References 4
Microsoft CVE
added 2026/05/16 8:4 a.m. | 8 views

PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

...

8.8 CVSS | 5.8 AI score | 0.00047 EPSS
Exploits 0
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-3426

Malware in sbrugna...

5.9 CVSS | 7.6 AI score | 0.00125 EPSS
Exploits 1 | References 15
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-3433

Malware in sbrugna...

5.5 CVSS | 6.8 AI score | 0.00168 EPSS
Exploits 1 | References 15
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-3429

Malware in sbrugna...

4.9 CVSS | 6.8 AI score | 0.00168 EPSS
Exploits 1 | References 15
OSV
added 2025/08/04 10:34 a.m. | 3 views

SUSE-SU-2025:02657-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.8+9 July 2025 CPU: Security fixes: - CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 - CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598 -...

8.6 CVSS | 8.1 AI score | 0.02123 EPSS
Exploits 1 | References 10
Tenable Nessus
added 2025/03/10 12:0 a.m. | 30 views

Amazon Linux 2 : openssh (ALAS-2025-2769)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2769 advisory. A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed ...

6.8 CVSS | 7 AI score | 0.64523 EPSS
Exploits 4 | References 4
Tenable Nessus
added 2025/03/04 12:0 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2019-3858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who...

9.1 CVSS | 7.1 AI score | 0.02187 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2025/02/27 12:0 a.m. | 21 views

CBL Mariner 2.0 Security Update: openssh (CVE-2025-26465)

The version of openssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-26465 advisory. - A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle...

6.8 CVSS | 7 AI score | 0.64523 EPSS
Exploits 4 | References 2
NVD
added 2025/02/18 7:15 p.m. | 27 views

CVE-2025-26465

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...

6.8 CVSS | 0.64523 EPSS
Exploits 4 | References 26
AlpineLinux
added 2025/02/18 6:27 p.m. | 22 views

CVE-2025-26465

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...

6.8 CVSS | 6.7 AI score | 0.64523 EPSS
Exploits 4
F5 Networks
added 2025/01/14 6:12 p.m. | 17 views

K000149288: libssh vulnerabilities CVE-2019-3859 and CVE-2019-3860

Security Advisory Description CVE-2019-3859 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

9.1 CVSS | 8.4 AI score | 0.01176 EPSS
Exploits 0 | Affected Software 35
Tenable Nessus
added 2025/01/14 12:0 a.m. | 9 views

F5 Networks BIG-IP : libssh vulnerabilities (K000149288)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the K000149288 advisory. CVE-2019-3859 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require...

9.1 CVSS | 7 AI score | 0.01176 EPSS
Exploits 0 | References 3
OSV
added 2024/08/09 5:24 p.m. | 1 views

CLSA-2024-1723224273 freerdp: Fix of CVE-2021-41159

CVE-2021-41159: fix client out of memory...

8.8 CVSS | 6.9 AI score | 0.00459 EPSS
Exploits 0 | References 1
IBM Security Bulletins
added 2024/07/10 4:31 p.m. | 29 views

Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in an update for IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widge...

7.5 CVSS | 10 AI score | 0.07763 EPSS
Exploits 4 | Affected Software 1
RedHat Linux
added 2023/11/07 8:22 a.m. | 25 views

Low: Red Hat Security Advisory: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

3.7 CVSS | 6.6 AI score | 0.0032 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2023/10/08 12:0 a.m. | 39 views

Debian dla-3606 : freerdp2-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3606 advisory. Debian LTS Advisory DLA-3606-1...

9.8 CVSS | 7 AI score | 0.00504 EPSS
Exploits 19 | References 96
Tenable Nessus
added 2023/09/07 12:0 a.m. | 24 views

Oracle Linux 7 : libssh2 (ELSA-2019-2136)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2136 advisory. - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with...

9.3 CVSS | 7.6 AI score | 0.16241 EPSS
Exploits 0 | References 3
CNNVD
added 2023/08/08 12:0 a.m. | 2 views

SAP PowerDesigner Information Disclosure Vulnerability

SAP PowerDesigner is a database design software from SAP, Germany. An information disclosure vulnerability exists in SAP PowerDesigner that originates from a special method to access password hashes from client memory...

5.3 CVSS | 6.3 AI score | 0.00228 EPSS
Exploits 0 | References 4
OSV
added 2023/08/08 12:0 a.m. | 23 views

ALSA-2023:4535 Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: schema_element defeats protective search_path changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after inlining. CVE-2023-2455 postgresql: Client memory disclosure...

7.2 CVSS | 6.6 AI score | 0.0032 EPSS
Exploits 0 | References 8