EUVD-2019-18886

Malware in sbrugna...

[SECURITY] [DLA 4244-1] tomcat9 security update

Debian LTS Advisory DLA-4244-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 22, 2025 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.107-0+deb11u1 CVE ID : CVE-2024-34750 CVE-2024-54677 CVE-2025-31650 CVE-2025-31651 CVE-2025-46701 CVE-2025-4897...

TencentOS Server 3: nginx:1.14 (TSSA-2023:0158)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0158 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Apache Tomcat 10.1.0-M1 < 10.1.31 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host 9.0.0-M1 to 9.0.95, 10.1.0-M1 to 10.1.30 or 11.0.0-M1 to 11.0.0-M26. It is, therefore, affected by multiple vulnerabilities : - If Tomcat was configured to use a custom Jakarta Authentication formerly JASPIC ServerAuthContext component whi...

RHEL 6 / 7 : httpd24-httpd and httpd24-nghttp2 (RHSA-2019:2949)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2949 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: HTTP/2: large amoun...

nghttp2: Multiple Vulnerabilities

Background Nghttp2 is an implementation of HTTP/2 and its header compression algorithm HPACK in C. Description Multiple vulnerabilities have been discovered in nghttp2. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2019:2955)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2955 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

Important: Red Hat Security Advisory: ACS 4.1 enhancement update

Updated images are now available for Red Hat Advanced Cluster Security. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

grafana security update

An update is available for grafana. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...

SUSE-SU-2020:2344-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request bsc1175071. - CVE-2020-11984: Fixed an information disclosure bug in modproxyuwsgi bsc1175074. - CVE-2020-11993: When trace/debu...

SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0059-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

This update for nodejs12 fixes the following issues : Update to LTS release 12.13.0 jscSLE-8947. Security issues fixed : CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations bsc1146091. CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable t...

SUSE-SU-2020:0059-1 Security update for nodejs12

This update for nodejs12 fixes the following issues: Update to LTS release 12.13.0 jscSLE-8947. Security issues fixed: - CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations bsc1146091. - CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable...

RHEL 8 : container-tools:1.0 (RHSA-2019:4273)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:4273 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: HTTP/2:...

nodejs:10 security update

An update is available for nodejs-nodemon, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for...

Important: nodejs:10 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 10.16.3. Security Fixes: HTTP/2: large amount of data requests leads to denial of...

OPENSUSE-SU-2019:2115-1 Security update for nodejs8

This update for nodejs8 to version 8.16.1 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service bsc1146091. - CVE-2019-9512...

OPENSUSE-SU-2019:2000-1 Security update for go1.12

This update for go1.12 fixes the following issues: Security issues fixed: - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth. bsc1146111 - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset flood, potentially leading to a denial of...

SUSE-SU-2019:0334-1 Security update for nginx

This update for nginx to version 1.14.2 fixes the following issues: Security vulnerabilities addressed: - CVE-2018-16843 CVE-2018-16844: Fixed an issue whereby a client using HTTP/2 might cause excessive memory consumption and CPU usage bsc1115025 bsc1115022. - CVE-2018-16845: Fixed an issue whic...