67 matches found
CVE-2026-9362
A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument maxConn/timeOut leads to command injection. The attack...
CVE-2026-9362
A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument maxConn/timeOut leads to command injection. The attack...
SUSE CVE-2026-43411
In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipcskfilterconnect A user can set conntimeout to any value via setsockoptTIPCCONNTIMEOUT, including values less than 4. When a SYN is rejected with TIPCERROVERLOAD and the retry path in...
EUVD-2026-28717
In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipcskfilterconnect A user can set conntimeout to any value via setsockoptTIPCCONNTIMEOUT, including values less than 4. When a SYN is rejected with TIPCERROVERLOAD and the retry path in...
CVE-2026-43411
In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipcskfilterconnect A user can set conntimeout to any value via setsockoptTIPCCONNTIMEOUT, including values less than 4. When a SYN is rejected with TIPCERROVERLOAD and the retry path in...
UBUNTU-CVE-2026-43411
In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipcskfilterconnect A user can set conntimeout to any value via setsockoptTIPCCONNTIMEOUT, including values less than 4. When a SYN is rejected with TIPCERROVERLOAD and the retry path in...
CVE-2026-43411
In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipcskfilterconnect A user can set conntimeout to any value via setsockoptTIPCCONNTIMEOUT, including values less than 4. When a SYN is rejected with TIPCERROVERLOAD and the retry path in...
CVE-2026-43411
In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipcskfilterconnect A user can set conntimeout to any value via setsockoptTIPCCONNTIMEOUT, including values less than 4. When a SYN is rejected with TIPCERROVERLOAD and the retry path in...
CVE-2026-43411
CVE-2026-43411: Linux kernel TIPc divide-by-zero in tipc_sk_filter_connect() when conn_timeout is 0–3, triggering a kernel oops/panic on certain overload retry paths. The public docs state that an attacker can set conn_timeout via setsockopt(TIPC_CONN_TIMEOUT) to values below 4, causing delay %= ...
CVE-2026-27630
TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service DoS attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate...
CVE-2026-27630
TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service DoS attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate...
EUVD-2026-8764
TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service DoS attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate...
MiracleLinux 4 : spice-gtk-0.20-11.AXS4 (AXSA:2014-014:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-014:01 advisory. Client libraries for SPICE desktop servers. Security issues fixed with this release: CVE-2013-4324 spice-gtk 0.14, and possibly other versions, invokes the...
CVE-2023-29046
Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of...
CLSA-2026-1767864313 kernel: Fix of 46 CVEs
mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...
python-kdcproxy: Remote DoS via unbounded TCP upstream buffering
If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...
EUVD-2012-3391
Malware in sbrugna...
EUVD-1999-0751
Malware in sbrugna...
EUVD-2024-2791
Malicious code in bioql PyPI...
SUSE-SU-2025:20669-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. - CVE-2025-38006: net: mctp: Do not access ifaindex when missing bsc1244930. -...