Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2025-2467)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 10 : libsoup3 (RHSA-2025:23139)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23139 advisory. Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the...

nghttp2 security update

An update is available for nghttp2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nghttp2 contains the Hypertext Transfer Protocol version 2 HTTP/2 client,...

Linux Distros Unpatched Vulnerability : CVE-2025-1948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGSMAXHEADERLISTSIZ...

[SECURITY] [DLA 4387-1] qtbase-opensource-src security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4387-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler November 29, 2025 https://wiki.debian.org/LTS -...

EulerOS 2.0 SP13 : mod_http2 (EulerOS-SA-2025-2450)

According to the versions of the modhttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In certain proxy configurations, a denial of service attack againstApache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by...

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2025-2440)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TencentOS Server 3: mod_http2 (TSSA-2022:0259)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0259 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2025-2395)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM i is affected by BIND accepting records with untrusted data, predictable port and query ID, and resource exhaustions in Domain Name System due to multiple vulnerabilities.

Summary Domain Name System for IBM i is vulnerable to BIND accepting records with forged data CVE-2025-40778, prediction of port and ID due to weakness in pseudo random number generator CVE-2025-40780, various resource exhaustions when being flooded with valid or invalid HTTP/2 traffic...

Updated libsoup3 & libsoup packages fix security vulnerabilities

Libsoup: heap buffer over-read in skipinsignificantspace when sniffing content. CVE-2025-2784 Libsoup: denial of service attack to websocket server. CVE-2025-32049 Libsoup: integer overflow in appendparamquoted. CVE-2025-32050 Libsoup: segmentation fault when parsing malformed data uri...

CLSA-2025-1761747106 Fix CVE(s): CVE-2024-38477

SECURITY UPDATE: null pointer dereference in modproxy - debian/patches/CVE-2024-38477.patch: validate hostname in modules/proxy/proxyutil.c. Restart from the original URL on reconnect in modules/http2/modproxyhttp2.c. - CVE-2024-38477...

Fedora: Security Advisory (FEDORA-2025-494d9f64cb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-55669 BIG-IP HTTP/2 vulnerability

When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Advisory ROSA-SA-2025-3033

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-14 affected versions tomcat-9.0.37-14 CVE-ID: CVE-2025-48989 BDU-ID: 2025-09899 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP2 handler of the Apache Tomcat application server is related to incorrect resource...

RockyLinux 9 : mod_http2 (RLSA-2025:14983)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:14983 advisory. httpd: modproxyhttp2: untrusted input from a client causes an assertion to fail in the Apache modproxyhttp2 module CVE-2025-49630 Tenable has extracted the...

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.13.2 release and security update

Red Hat AMQ Broker 7.13.2 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

EUVD-2021-15897

Malware in sbrugna...

EUVD-2018-18093

Malware in sbrugna...

EUVD-2018-18105

Malware in sbrugna...