292 matches found
Linux Kernel Security Vulnerabilities
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clean up the flow control list during module removal, potentially leading to memor...
ROS-20260112-7385
A vulnerability in the mptcppmnlrmaddrorsubflow function of the Linux kernel is related to incorrect flow control. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2019-18278
When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqtplugin!vlcentrylicense300f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no way of reproducing this...
CVE-2019-16899
In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PMV3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918...
CLSA-2025-1763374645 varnish: Fix of 2 CVEs
CVE-2024-30156: fix HTTP/2 flow control vulnerability allowing window credit exhaustion Broke Window Attack causing potential denial of service - CVE-2025-47905: fix client-side request smuggling via malformed HTTP/1 chunked requests...
SUSE CVE-2025-62409
Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but upstream data is...
BIT-ENVOY-2025-62409 Envoy allows large requests and responses to cause TCP connection pool crash
Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but upstream data is...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the flow control management process while overriding onAboveWriteBufferHighWatermark and onBelowWriteBufferLowWatermark callbacks. An attacker can cause a crash of the TCP connection pool by sending large...
CVE-2025-62409
Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but upstream data is...
CVE-2025-62409 Envoy allows large requests and responses to cause TCP connection pool crash
Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but upstream data is...
EUVD-2025-34820
Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but upstream data is...
CVE-2025-62409
CVE-2025-62409 affects Envoy, where large requests/responses can trigger TCP connection pool crashes due to flow-control handling when the connection is closing but upstream data still arrives, causing a buffer watermark callback nullptr reference. Affected products include the Envoy core with TC...
CVE-2025-62409 Envoy allows large requests and responses to cause TCP connection pool crash
Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but upstream data is...
Envoy 安全漏洞
Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in Envoy versions prior to 1.36.1, prior to 1.35.5, prior to 1.34.9, and prior to 1.33.10, which stems from improper management of flow control and could result in a crash of the TCP...
EUVD-2015-1143
Malware in sbrugna...
EUVD-2018-17270
Malware in sbrugna...
EUVD-2020-20226
Malware in sbrugna...
EUVD-2021-2692
Malware in sbrugna...
EUVD-2019-0919
Malware in sbrugna...
EUVD-2012-5463
Malware in sbrugna...