libssh: libssh: Denial of Service via inefficient regular expression processing

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

Astra Linux - уязвимость в libssh

A flaw was discovered in libssh. A remote attacker, by controlling client configuration files or the knownhosts files, could create specific hostnames that, when processed by the matchpattern function, could lead to inefficient regular expression backtracking. This could cause timeouts and resour...

EUVD-2026-16332

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

CVE-2026-0967

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

CVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processing

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

EUVD-2019-9529

Malware in sbrugna...

BIT-LIBPYTHON-2022-45061

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...

USN-6666-1 libuv1 vulnerability

It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks...

python: CPU denial of service via inefficient IDNA decoder

A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA RFC 3490 decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be...

CVE-2019-19941

Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS...

Design/Logic Flaw

Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS...

CVE-2019-19942

Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 ADB before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests...

CVE-2019-19941

Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS...

CVE-2019-19941

CVE-2019-19941 affects Swisscom Centro Grande routers present before version 6.16.12. The flaw is missing hostname validation in the DNS service, allowing a remote attacker to craft DHCP hostnames that inject the attacker's local IP as a domain entry, which can result in cross-site scripting via ...

DEBIAN-CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

PT-2018-2383

Name of the Vulnerable Software and Affected Versions glibc versions through 2.28 Description The issue is related to insufficient input validation in the getaddrinfo function, which can lead to the invocation of the if nametoindex function with incorrect parameters. This can be exploited by a...

PT-2017-3344

Name of the Vulnerable Software and Affected Versions CVS versions 1.12.x git-annex versions prior to 6.20170818 Description The issue is related to the improper handling of data when interacting with a remote repository over SSH. This could allow a remote attacker to execute arbitrary code by...

openSUSE Security Update : xorg-x11 (openSUSE-SU-2011:0298-1)

Remote attackers could execute arbitrary commands as root by assigning specially crafted hostnames to X11 clients via XDMCP CVE-2011-0465. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Ubuntu Update for x11-xserver-utils vulnerability USN-1107-1

Ubuntu Update for Linux kernel vulnerabilities USN-1107-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11071.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for x11-xserver-utils vulnerability USN-1107-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

SuSE 11.1 Security Update : X11 (SAT Patch Number 4199)

Remote attackers could execute arbitrary commands as root by assigning specially crafted hostnames to X11 clients via XDMCP. CVE-2011-0465 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. Th...