17 matches found
[slackware-security] httpd
New httpd packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.67-i586-2slack15.0.txz: Rebuilt. This update fixes "HTTP/2 Bomb", a resource exhaustion denial-of-service attack against...
CVE-2026-45557
Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...
EUVD-2026-30938
Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2026-111-03)
The version of mozilla-thunderbird installed on the remote host is prior to 140.10.0esr. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-111-03 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Tenable has...
EUVD-2026-18166
SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers...
CVE-2026-25819
CVE-2026-25819 affects HMS Networks Ewon Flexy and Cosy+ devices. Vulnerable versions include Flexy firmware before 15.0s4, Cosy+ firmware 22.xx before 22.1s6, and Cosy+ firmware 23.xx before 23.0s3. The issue allows unauthenticated attackers with GUI access to trigger a specially crafted HTTP re...
PT-2026-22893
SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails...
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2026-047-04)
The version of mozilla-thunderbird installed on the remote host is prior to 140.7.2esr. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-047-04 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has...
CVE-2023-30540
Nextcloud Talk is a chat, video & audio call extension for Nextcloud. In affected versions a user that was added later to a conversation can use this information to get access to data that was deleted before they were added to the conversation. This issue has been patched in version 15.0.5 and it...
CVE-2018-11007
A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53...
CVE-2023-27636
Progress Sitefinity before 15.0.0 allows XSS by authenticated users via the content form in the SF Editor...
Progress Software MOVEit Transfer 安全漏洞
Progress Software MOVEit Transfer is an automated file transfer software from Progress Software, USA. The software supports file transfers and provides file transfer activity monitoring. A security vulnerability exists in Progress Software MOVEit Transfer that originates from allowing an attacker...
CVE-2022-37175
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet...
Apple tvOS 竞争条件问题漏洞
Apple tvOS is a smart TV operating system from Apple, Inc. Apple tvOS versions 15.0 19J346 - 15.4.1 19L452 contain a Competitive Condition Issue vulnerability that stems from a contention condition in IOKit. An attacker could exploit the vulnerability to elevate privileges on the system via a...
SAP Plant Connectivity Arbitrary Code Execution Vulnerability
SAP Plant Connectivity PCo is a set of next-generation, high-performance production plant connectivity software from SAP, which can communicate with different industrial software platforms. A security vulnerability exists in SAP PCo versions 2.3 and 15.0. A remote attacker could exploit the...
CVE-2017-10173
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications subcomponent: Website. Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
7zip denial of service vulnerability
7zip is a set of 7-Zip data compression program software. The program can compress and decompress files in 7z format. A security vulnerability exists in the 'CInArchive::ReadFileItem' method in the Archive/Udf/UdfIn.cpp file in 7zip version 9.20 and 15.05 beta. A remote attacker can exploit this...