298 matches found
OESA-2026-2547 htslib security update
HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools. HTSlib only depends on zlib. It is known to be compatible with gcc, g++ and clang. HTSl...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
CLSA-2026-1778142227 nginx: Fix of 2 CVEs
CVE-2026-27651: fix null pointer dereference in ngxmailauthhttpmodule when authentication retry is enabled with CRAM-MD5 or APOP - CVE-2026-32647: fix buffer over-read/write in ngxhttpmp4module when processing crafted mp4 files with empty stco/co64 atoms...
MGASA-2026-0111 Updated nginx packages fix security vulnerabilities
Buffer overflow in ngxhttpdavmodule CVE-2026-27654 Buffer overflow in the ngxhttpmp4module CVE-2026-27784 Buffer overflow in the ngxhttpmp4module CVE-2026-32647 NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651 Injection in authhttp and XCLIENT CVE-2026-28753 OCSP result bypass...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
SUSE CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
EUVD-2026-26896
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
CVE-2026-43859
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...
CVE-2026-43859
Mutt vulnerability CVE-2026-43859 affects mutt before 2.3.2, where IMAP auth_cram MD5 digest computation may use strfcpy instead of memcpy. Root cause is choosing the wrong string copy function in the digest pathway. Impact (per CVSS 3.1) is Confidentiality: None, Integrity: Low, Availability: No...
PT-2026-36772
Name of the Vulnerable Software and Affected Versions mutt versions prior to 2.3.2 Description The software sometimes uses the strfcpy function instead of memcpy when handling the IMAP auth cram MD5 digest. This occurs during the authentication process for IMAP servers using the CRAM-MD5 mechanis...
PT-2026-36773
mutt before 2.3.2 sometimes truncates the hash passwd by one byte for IMAP auth cram MD5 digest...
[SECURITY] Fedora 44 Update: libgsasl-1.10.0-15.fc44
The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...