EUVD-2026-39183

NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response...

BIT-ENVOY-2024-34362 Envoy affected by a crash (use-after-free) in EnvoyQuicServerStream

Envoy is a cloud-native, open source edge and service proxy. There is a use-after-free in HttpConnectionManager HCM with EnvoyQuicServerStream that can crash Envoy. An attacker can exploit this vulnerability by sending a request without FIN, then a RESETSTREAM frame, and then after receiving the...

CLSA-2023-1691082968 Fix CVE(s): CVE-2023-34241

SECURITY UPDATE: use-after-free bug - debian/patches/CVE-2023-34241.patch: Log result of httpGetHostname BEFORE closing the connection - CVE-2023-34241...

PT-2021-7674 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a NULL pointer dereference flaw in the Linux kernel's IEEE 802.15.4 wireless networking subsystem. This occurs when a user closes the LR-WPAN connection,...