OPENSUSE-SU-2026:20815-1 Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers bsc1236533. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-header...
SUSE-SU-2026:21826-1 Security update for libsndfile
This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when processing malformed IRCAM audio files bsc1248458. - CVE-2025-56226: memory leak in the mpegl3encoderinit function of mpegl3encode.c bsc1256702. -...
UBUNTU-CVE-2026-43501
In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...
CVE-2026-43254 ovpn: tcp - fix packet extraction from stream
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Return error if block header overflows file Return an error from csdsppowerup if a block header is longer than the amount of data left in the file. The previous code in csdspload and csdsploadcoeff would loop whi...
CVE-2019-25478
GetGo Download Manager 6.2.2.3300 is affected by a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. The condition is triggered by crafted HTTP headers that crash the application, making it unavailable. T...
Exploit for Uncontrolled Resource Consumption in Ietf Http
Exploit-Title-HTTP-2-2.0---Denial-Of-Service-DOS-...
Azure Linux 3.0 Security Update: kernel (CVE-2024-42238)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42238 advisory. - In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Return error if block...
PT-2025-53654
Name of the Vulnerable Software and Affected Versions D-Link DIR-600 versions prior to 2.15WWb02 Description A stack-based buffer overflow exists in the HTTP Header Handler component of D-Link DIR-600. The issue is due to the manipulation of the Cookie argument within the hedwig.cgi file. This...
curl: Curl Alt-Svc Parser Stack Buffer Overflow
cURL Alt-Svc Parser Stack Buffer Overflow Vulnerability Analysis In Simple Terms A critical security flaw was discovered in cURL versions 7.64.0-7.89.0 that allows attackers to run malicious code on your system by exploiting how cURL processes certain HTTP responses. When cURL receives a speciall...
UBUNTU-CVE-2025-66628
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parser contains a critical integer overflow vulnerability in its ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file...
CVE-2021-4464 FiberHome AN5506-04-FA / HG6245D Routers Remote Stack Overflow
FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602 contain a stack-based buffer overflow, as the HTTP service 'webs' fails to enforce maximum lengths for Cookie header values. When a cookie longer than 511 bytes is processed, a stack buffer is overrun,...
CVE-2021-4464
The CVE-2021-4464 entry affects FiberHome AN5506-04-FA (firmware up to RP2631) and HG6245D (up to RP2602). The issue is a stack-based buffer overflow in the HTTP service (webs) caused by not enforcing cookie header length limits, triggering overflow when a cookie >511 bytes is processed, leadi...
PT-2025-46729
Name of the Vulnerable Software and Affected Versions FiberHome AN5506-04-FA firmware versions up to and including RP2631 FiberHome HG6245D versions prior to RP2602 Description The HTTP service 'webs' does not properly limit the size of Cookie header values, resulting in a stack-based buffer...
ROS-20251029-07
The vulnerability in the Golang programming language is related to the implementation of a function where a string is accumulated via repeated concatenation without effectively managing memory or time complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of servi...
EUVD-2025-26102
Malicious code in bioql PyPI...
EUVD-2025-31647
Malicious code in bioql PyPI...
CVE-2025-10392
The CVE-2025-10392 entry concerns Mercury KM08-708H GiGA WiFi Wave2 1.1.14. Affects the HTTP Header Handler component, where manipulating the Host argument causes a stack-based buffer overflow. The vulnerability is exploitable remotely, with exploit code publicly available. Documents indicate a C...
Linux Distros Unpatched Vulnerability : CVE-2017-16872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Teluu pjproject pjlib and pjlib-util in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message like cseq, ttl, port,...
Exploit for CVE-2025-23266
CVE-2025-23266 Author: Mark Mallia Target platform: U...