
46 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 5 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer’s schedule_timeout_uninterruptible function to idle. The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer’s kthread. However, the hung-task timeout will trigger when t...

AI score: 5.9, EPSS: 0.00025
Exploits: 0, References: 1

EUVD
added 2026/05/13 9:32 p.m., 3 views

EUVD-2026-30115

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

CVSS: 3.8, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 2

NVD
added 2026/05/13 7:17 p.m., 7 views

CVE-2026-33585

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

CVSS: 3.8, EPSS: 0.00006
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/13 6:46 p.m., 3 views

CVE-2026-33585

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

CVSS: 3.8, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 2

Cvelist
added 2026/05/13 6:46 p.m., 23 views

CVE-2026-33585 Arqit SKA-Platform Improper Handling of Parameters Vulnerability

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

CVSS: 3.8, EPSS: 0.00006
Exploits: 0, References: 1

CVE
added 2026/05/13 6:46 p.m., 6 views

CVE-2026-33585

The CVE-2026-33585 issue involves improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform, allowing an attacker to impersonate an authenticated tenant user via an unexpired browser session. Affected product: Symmetric Key Agreement Platform (before 26...

CVSS: 3.8, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 1

Vulnrichment
added 2026/05/13 6:46 p.m., 3 views

CVE-2026-33585 Arqit SKA-Platform Improper Handling of Parameters Vulnerability

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

CVSS: 3.8, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 1

Positive Technologies
added 2026/05/13 12:0 a.m., 4 views

PT-2026-40776

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

CVSS: 3.8, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 2

CNNVD
added 2026/05/13 12:0 a.m., 5 views

Arqit Symmetric Key Agreement Platform security vulnerability

The Arqit Symmetric Key Agreement Platform is a quantum-safe key negotiation platform developed by Arqit Corporation. Versions prior to 26.03 of the Arqit Symmetric Key Agreement Platform contained security vulnerabilities. These vulnerabilities stemmed from improper management of the idle timeou...

CVSS: 3.8, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 1

OSV
added 2026/02/25 11:5 p.m., 2 views

CVE-2026-27630 TinyWeb vulnerable to Remote Denial of Service via Thread/Connection Exhaustion (Slowloris)

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate...

CVSS: 8.7, AI score: 5.9, EPSS: 0.00142
Exploits: 0, References: 5

Cvelist
added 2026/01/07 5:9 p.m., 17 views

CVE-2025-4677 Idle session timeout is not configured for multiple open ports

Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL. This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K...

CVSS: 7.1, EPSS: 0.00032
Exploits: 0, References: 1

Vulnrichment
added 2026/01/07 5:9 p.m., 2 views

CVE-2025-4677 Idle session timeout is not configured for multiple open ports

Insufficient Session Expiration vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL. This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K...

CVSS: 7.1, AI score: 6.6, EPSS: 0.00032
Exploits: 0, References: 1

EUVD
added 2025/12/30 3:30 p.m., 1 views

EUVD-2023-60395

In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer schedule_timeout_uninterruptible to idle. The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer kthread. However, the hung-task timeout will trigger when the timeout...

AI score: 6, EPSS: 0.00025
Exploits: 0, References: 6

Positive Technologies
added 2025/12/30 12:0 a.m., 3 views

PT-2025-54075

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc1-00134-gb9ed6de8d4ff 7 Description The Linux kernel contains a flaw within the rcuscale functionality. Specifically, the rcuscale.holdoff module parameter can be manipulated to delay the start of the rcu...

AI score: 6, EPSS: 0.00025
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2013-3398

Malware in sbrugna...

CVSS: 4.3, AI score: 6.4, EPSS: 0.01166
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2021-25306

Malware in sbrugna...

CVSS: 9.8, AI score: 5.7, EPSS: 0.00348
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-32764

Malicious code in bioql PyPI...

CVSS: 7.5, AI score: 7.5, EPSS: 0.00896
Exploits: 0, References: 1

OSV
added 2024/10/14 9:7 p.m., 0 views

GHSA-R7M4-F9H5-GR79 Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks

Impact: Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory. Patches: https://github.com/jetty/jetty.project/pull/9715 https://github.com/jetty/jetty.project/pull/9716 Workarounds: The session usage is intrinsic to the...

CVSS: 3.1, AI score: 7, EPSS: 0.00563
Exploits: 0, References: 9

OSV
added 2024/02/26 8:13 p.m., 0 views

GHSA-RGGV-CV7R-MW98 Connection leaking on idle timeout when TCP congested

Impact: If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed ...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00559
Exploits: 0, References: 10

Github Security Blog
added 2024/02/26 8:13 p.m., 43 views

Connection leaking on idle timeout when TCP congested

Impact: If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed ...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00559
Exploits: 0, References: 10, Affected Software: 4