8 matches found
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50271)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50271 advisory. - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to...
UBUNTU-CVE-2026-40215
A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer bsc1254842. CVE-2025-40259: scsi: sg: Do not sleep in atomic context bsc1254845. CVE-2025-68284: libceph: prevent...
CVE-2025-68775 net/handshake: duplicate handshake cancellations leak socket
In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshakenet-hnrequests list, but it is still present in the handshakerhashtbl until it is destroyed. If a...
CVE-2025-11602
A flaw was found in Neo4j. A potential information leak in the bolt protocol handshake allows an attacker to obtain one byte of information from previous connections. However, the attacker has no control over the information leaked in server responses. Mitigation Mitigation for this issue is eith...
PT-2025-44600
Name of the Vulnerable Software and Affected Versions Neo4j versions prior to 2025-11602 Description A potential information leak exists in the bolt protocol handshake within Neo4j Enterprise and Community editions. This allows an attacker to obtain one byte of information from previous...
CVE-2025-11234
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...
Bouncy Castle 安全漏洞
Bouncy Castle is a collection of APIs used in cryptography organized by Bouncy Castle. It includes APIs for the Java and C programming languages . A security vulnerability exists in Bouncy Castle versions prior to 1.78, which stems from exception handling, where an RSA-based handshake may have a...