7 matches found
CVE-2026-53186 RDMA/srp: bound SRP_RSP sense copy by the received length
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...
ALSA-2025:7903 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock: Keep the binding until socket destruction CVE-2025-21756 kernel: dm-flakey: Fix memory corruption in optional corruptbiobyte feature CVE-2025-21966 kernel: net: ppp: Add bound...
golang: crypto/tls: lack of a limit on buffered post-handshake
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...
June 14, 2022-KB5013887 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2
June 14, 2022-KB5013887 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2 Release Date: June 14, 2022 Version: .NET Framework 3.5 and 4.8 The June 14, 2022 update for Windows 10, versio...
Integer overflow
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the serve...
PT-2019-11763 · Jenkins · Jenkins Configuration As Code Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Configuration as Code Plugin versions 1.26 and earlier Description: The issue arises from an incomplete fix that did not properly apply masking to some values expected to be hidden when logging the configuration being applied. This...
Ember.js XSS Vulnerability With {{link-to}} Helper in Non-block Form
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, a change made to the implementation of the link-to helper means that any user-supplied data bound to the link-to helper's title attribute will not be escaped...