CVE-2025-7054

Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRECONNECTIONID frames. QUIC connections possess a set of connection identifiers IDs; see Section 5.1 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000section-5.1 . Once the QUIC...

CVE-2025-7054

Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRECONNECTIONID frames. QUIC connections possess a set of connection identifiers IDs; see Section 5.1 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000section-5.1 . Once the QUIC...

PT-2025-32266 · Cloudflare · Cloudflare Quiche

Name of the Vulnerable Software and Affected Versions: Cloudflare quiche versions 0.15.0 through 0.24.5 Description: Cloudflare quiche is susceptible to an infinite loop when processing packets containing RETIRE CONNECTION ID frames. QUIC connections utilize connection identifiers IDs with sequen...

Linux Distros Unpatched Vulnerability : CVE-2024-10463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbi...

CVE-2025-27065 Buffer Over-read in WLAN Firmware

Transient DOS while processing a frame with malformed shared-key descriptor...

Linux Distros Unpatched Vulnerability : CVE-2022-42719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers able ...

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. An uncontrolled resource consumption vulnerability, where an HTTP/2 client fails to acknowledge the initial settings frame that reduces the maximum permitted concurrent streams, could result in a denial of service...

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

wifi-arsenal

This repository is an offensive tool for WiFi exploitation. It is a collection of tools and scripts for various WiFi-related attacks, including denial of service, encryption attacks, WEP/WPA/WPA2 attacks, WPS attacks, and others. The repository is maintained by 0x90/wifi-arsenal. The repository...

tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame

A flaw was found in Apache Tomcat. This vulnerability allows an application-level denial of service DoS, causing it to become unresponsive or slow via maliciously crafted HTTP/2 prioritization headers. It performs an incomplete cleanup of failed requests, which triggers a memory leak...

SUSE CVE-2025-38331

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb-len to the "TOE/TSO" offloader and it will handle them. Without this quirk...

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length...

AZL-72835 CVE-2025-38331 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb-len to the "TOE/TSO" offloader and it will handle them. Without this quirk...

CVE-2025-38343

Mode C: CVE-2025-38343 is a Linux kernel WiFi fragmentation issue in mt76/mt7996 where multicast/broadcast RAs fragments are dropped since fragmentation applies only to unicast frames. Connected docs indicate affected packages (e.g., kernel versions

CVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCP

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb-len to the "TOE/TSO" offloader and it will handle them. Without this quirk...

CVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCP

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb-len to the "TOE/TSO" offloader and it will handle them. Without this quirk...

CVE-2025-49604

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented...

CVE-2025-49604

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented...

CVE-2025-38238 scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fix crash in fnicwqcmplhandler when FDMI times out When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. On send completion, this causes an attempt to free the same fram...

CVE-2025-49604

CVE-2025-49604 affects Realtek AmebaD devices (Ameba-AIoT ameba-arduino-d < 3.1.9; ameba-rtos-d