29 matches found
CLSA-2026-1773784132 Update of alt-php
Port to Debian 10 buster with renamed libraries to avoid conflicts with system PostgreSQL packages. Rename library packages to allow coexistence with other PostgreSQL versions: - libpq5 - libpq5-9.6 library: libpq-9.6.so.5 - libpq-dev - libpq-dev-9.6 - libecpg6 - libecpg6-9.6 library:...
CVE-2025-12874
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...
EUVD-2025-204611
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...
CVE-2025-12874
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...
CVE-2025-12874 HTTP Request Smuggling in Quest Coexistence Manager for Notes
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...
CVE-2025-12874
Quest Coexistence Manager for Notes (Free/Busy Connector modules) contains a HTTP Request/Response Smuggling flaw via Content-Length-Transfer-Encoding (CL.TE). The CVE entry notes the issue affects version 3.8.2045 and may affect other versions; impact includes bypassing access controls, web-cach...
CVE-2025-12874 HTTP Request Smuggling in Quest Coexistence Manager for Notes
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Quest Coexistence Manager for Notes Free/Busy Connector modules allows HTTP Request Smuggling via the Content-Length-Transfer-Encoding CL.TE attack vector. This could allow an attacker to bypass access...
Quest Coexistence Manager for Notes 安全漏洞
Quest Coexistence Manager for Notes is a data synchronization software from Quest USA. A security vulnerability exists in Quest Coexistence Manager for Notes, which stems from an inconsistent HTTP request/response interpretation that could lead to an HTTP request entrapment attack...
PT-2025-52508
Name of the Vulnerable Software and Affected Versions Quest Coexistence Manager for Notes version 3.8.2045 Description An inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' exists in Quest Coexistence Manager for Notes Free/Busy Connector modules. This allows HTTP...
Proving DNSSEC Correctness: A Formal Approach to Secure Domain Name Resolution
The Domain Name System Security Extensions DNSSEC are critical for preventing DNS spoofing, yet its specifications contain ambiguities and vulnerabilities that elude traditional "break-and-fix" approaches. A holistic, foundational security analysis of the protocol has thus remained an open proble...
Linux Distros Unpatched Vulnerability : CVE-2022-50654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix panic due to wrong pageattr of im-image In the scenario where livepatch and kretfunc coexist, the pageattr of im-image is rox after...
CVE-2022-50654 bpf: Fix panic due to wrong pageattr of im->image
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix panic due to wrong pageattr of im-image In the scenario where livepatch and kretfunc coexist, the pageattr of im-image is rox after archpreparebpftrampoline in bpftrampolineupdate, and then modifyfentry or registerfentry...
PT-2025-49470
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified and resolved in the rsi coex attach function within the RSI Realtek Semiconductor Corporation wireless driver of the Linux kernel. Specifically, the coex cb...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fix for use-after-free when rescheduling the brcmfbtcoexinfo worker. The brcmfbtcoexdetach function only shuts down the btcoex timer if the timeron flag is set to false. However, the brcmfbtcoextimerfunc function...
CVE-2023-53574
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtwcoredeinit', shrink critical section in the latter by freeing...
CVE-2023-53574
CVE-2023-53574 affects the Linux kernel wifi/rtw88 driver. The issue arises when unloading the driver, where the TX purge timer is not properly deleted and the C2H queue is not freed, risking a crash and a memory leak. The documented root cause is improper cleanup in the rtw_core_deinit() path, w...
wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
...
UBUNTU-CVE-2025-39863
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work The brcmfbtcoexdetach only shuts down the btcoex timer, if the flag timeron is false. However, the brcmfbtcoextimerfunc, which runs as timer handler, sets...
CVE-2025-39863 wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work The brcmfbtcoexdetach only shuts down the btcoex timer, if the flag timeron is false. However, the brcmfbtcoextimerfunc, which runs as timer handler, sets...
PT-2025-38570
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free vulnerability within the brcmfmac module related to the handling of the brcmf btcoex info workqueue. Specifically, the brcmf btcoex detach...