2970 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed the handling of large file sizes in NFSv3 SETATTR/CREATE procedures. iattr::ia_size is a loff_t type; therefore, these NFSv3 procedures must be careful to handle incoming client size values that are larger than s64ma...

CVSS 5.5 | AI score 6.3 | EPSS 0.00254
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 6 views

Astra Linux – Vulnerability in hdf5

A memory leak in the H5Odtypedecodehelper function within H5Odtype.c in the HDF HDF5 library from version 1.10.3 allows attackers to cause a denial of service due to excessive memory consumption, through an exploitable HDF5 file...

CVSS 6.5 | AI score 7 | EPSS 0.01494
Exploits: 1 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. If the tag length is greater than or equal to U32_MAX - 3, the "length + 4" addition can result in an integer overflow. This issue can be addressed by breaking down the decoding...

CVSS 5.5 | AI score 5.7 | EPSS 0.00225
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux – Vulnerability in PHP 7.3, PHP 8.1

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14, a bug in the convert.quoted-printable-decode filter can cause certain data to be read one byte past the end of a buffer. This can, under certain circumstances, lead to crashes or reveal content from other memory areas...

CVSS 8.2 | AI score 5.8 | EPSS 0.01618
Exploits: 1 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps. If the osdmap is maliciously corrupted in such a way that the encoded length of the ceph_pg_pool envelope is less than what is expected for a particular encoding...

CVSS 7.1 | AI score 5.3 | EPSS 0.00126
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fixed a NULL pointer dereference in core_scsi3_decode_spec_i_port(). The function core_scsi3_decode_spec_i_port(), in its error code path, calls core_scsi3_lunacl_undepend_item(), passing the dest_se_deve pointer, which may be NULL. This...

CVSS 5.5 | AI score 6.2 | EPSS 0.0015
Exploits: 0 | References: 2

OSV
added 2026/05/03 9:56 a.m. | 50 views

OESA-2026-2164 opencryptoki security update

openCryptoki is an implementation of the PKCS #11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

CVSS 6.8 | AI score 6 | EPSS 0.0016
Exploits: 1 | References: 2

OSV
added 2026/05/03 9:56 a.m. | 19 views

OESA-2026-2163 opencryptoki security update

openCryptoki is an implementation of the PKCS #11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

CVSS 6.8 | AI score 6 | EPSS 0.0016
Exploits: 1 | References: 2

Vulnrichment
added 2026/05/02 8:27 a.m. | 3 views

CVE-2026-5324 Brizy – Page Builder <= 2.8.11 - Unauthenticated Stored Cross-Site Scripting via FileUpload Field Value

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11. This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

CVSS 7.2 | AI score 6 | EPSS 0.00266
Exploits: 0 | References: 8

CloudLinux
added 2026/05/02 1:2 a.m. | 5 views

squid34: Fix of 12 CVEs

CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERR_SECURE_CONNECT_FAIL page - CVE-2018-19132: fix memory...

CVSS 9.8 | AI score 6.7 | EPSS 0.74477
Exploits: 2

Positive Technologies
added 2026/05/02 12:0 a.m. | 2 views

PT-2026-36594

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11. This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

CVSS 7.2 | AI score 6 | EPSS 0.00266
Exploits: 0 | References: 9

NVD
added 2026/05/01 6:16 p.m. | 4 views

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode function in bgpd/bgp_flowspec_util.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component...

CVSS 7.5 | EPSS 0.00263
Exploits: 0 | References: 1

NVD
added 2026/05/01 2:16 p.m. | 3 views

CVE-2026-42483

A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects module_hash_decode in multiple Kerberos-related modules because account_info_len is...

CVSS 9.8 | EPSS 0.00304
Exploits: 1 | References: 1

SUSE CVE
added 2026/05/01 2:7 a.m. | 2 views

SUSE CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planar_decompress_plane_rle writes into pDstData at (nYDst+y) * nDstStep + 4*nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

CVSS 8.8 | AI score 6 | EPSS 0.00383
Exploits: 1 | References: 12

CNNVD
added 2026/05/01 12:0 a.m. | 6 views

FRRouting buffer error vulnerability

FRRouting is an open source network routing software suite that runs on Unix-like platforms. FRRouting suffers from a buffer error vulnerability that stems from an off-by-one out-of-bounds write in the bgp_flowspec_op_decode function, which could lead to a denial of servi...

CVSS 7.5 | AI score 6 | EPSS 0.00263
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/01 12:0 a.m. | 1 views

PT-2026-36526

Name of the Vulnerable Software and Affected Versions: FRRouting version stable/10.0. Description: An off-by-one out-of-bounds write issue exists in the bgp_flowspec_op_decode function located in bgpd/bgp_flowspec_util.c. This flaw allows attackers to trigger a Denial of Service (DoS) by providing a...

CVSS 7.5 | AI score 5.8 | EPSS 0.00263
Exploits: 0 | References: 43

ATTACKERKB
added 2026/05/01 12:0 a.m. | 0 views

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode function in bgpd/bgp_flowspec_util.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component...

CVSS 7.5 | AI score 5.8 | EPSS 0.00263
Exploits: 0 | References: 2

Cvelist
added 2026/05/01 12:0 a.m. | 27 views

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode function in bgpd/bgp_flowspec_util.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component...

EPSS 0.00263
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/01 12:0 a.m. | 3 views

PT-2026-36537

Name of the Vulnerable Software and Affected Versions: libModSecurity3 versions prior to 3.0.15. Description: A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string parameter containing a single character. This allows an attacker to crash worker processe...

CVSS 8.2 | AI score 5.8 | EPSS 0.00435
Exploits: 1 | References: 11

CVE
added 2026/05/01 12:0 a.m. | 16 views

CVE-2026-37457

FRRouting (FRR) stable/10.0 is affected by CVE-2026-37457 due to an off-by-one out-of-bounds write in bgp_flowspec_op_decode() within bgpd/bgp_flowspec_util.c. Attackers may cause a Denial of Service by supplying a crafted FlowSpec component. The available sources describe the vulnerability clear...

CVSS 7.5 | AI score 5.8 | EPSS 0.00263
Exploits: 0 | References: 1 | Affected Software: 1