3256 matches found
OESA-2025-2775 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the...
urllib3 安全漏洞
urllib3 is a Python HTTP library open-sourced by urllib3. It features thread-safe connection pooling, file publishing support, and more. A security vulnerability exists in urllib3 version 1.24 up to and including version 2.6.0, which stems from an unlimited number of links in the decompression...
Suricata < 7.0.13 / 8.x < 8.0.2 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is prior to 7.0.13 or 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities, including: - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata...
Suricata 8.x < 8.0.2 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities: - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to...
Linux Distros Unpatched Vulnerability : CVE-2025-64334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to...
Linux Distros Unpatched Vulnerability : CVE-2025-64332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 an...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to the use of the insecure LZ4decompressfast in the underlying lz4 library, which lacks bounds checks. An attacker can cause denial of service or access sensitive memory contents by providing specially crafted...
SUSE CVE-2025-64332
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...
SUSE CVE-2025-64334
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2....
Denial Of Service (DoS)
authlib is vulnerable to Denial Of Service. The vulnerability is due to unbounded DEFLATE decompression in the JWE zip=DEF processing path, where a very small ciphertext can expand into extremely large plaintext during token decryption, and attackers can exploit this by supplying decryptable toke...
CVE-2025-64334
A flaw was found in Suricata. This vulnerability allows unbounded memory growth during decompression via compressed HTTP data...
CVE-2025-64332
A flaw was found in Suricata. This vulnerability allows a denial of service DoS via SWF Small Web Format decompression...
CVE-2025-64334
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2....
CVE-2025-64332
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...
DEBIAN-CVE-2025-64332
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...
DEBIAN-CVE-2025-64334
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2....
UBUNTU-CVE-2025-64334
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2....
UBUNTU-CVE-2025-64332
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...
CVE-2025-64332
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...
EUVD-2025-199774
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...