68 matches found
EUVD-2026-37521
sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...
CVE-2026-55706
sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...
CVE-2026-55706
CVE-2026-55706 affects the OpenBSD kernel component sppp_pap_input in sys/net/if_spppsubr.c, where authentication can be bypassed if certain lengths are zero. Affected versions are OpenBSD before the commit 076e2b1. The root cause is input length values being set to zero, enabling bypass of authe...
CVE-2026-55706
sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...
CVE-2026-55706
sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...
PT-2026-50221
Name of the Vulnerable Software and Affected Versions OpenBSD versions prior to 076e2b1 Description The sppp pap input function in sys/net/if spppsubr.c allows authentication bypass when certain zero values are used for lengths. Real-world offensive activities targeting this issue have been...
UBUNTU-CVE-2026-48059
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...
CVE-2023-7345 Ledger Live hw-app-eth EIP-712 Message Parsing Integer Truncation
Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...
CVE-2025-65104 Firebird: Information leak vulnerability in firebird3 client when used with newer server
Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or...
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync from 3.0.1 to 3.4.1 contain security vulnerabilities. These vulnerabilities stem from the use of untrusted length values in the receivexattr function during the...
SUSE CVE-2026-24738
gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...
CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values
gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...
CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values
gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...
EUVD-2008-1384
Malware in sbrugna...
EUVD-2021-12555
Malware in sbrugna...
EUVD-2019-6217
Malware in sbrugna...
EUVD-2018-11349
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-19665
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. CVE-2018-19665 Note that Nessus relies on the...
CVE-2021-42917
Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attackers to cause a denial of service due to improper length of values passed to istream...
DEBIAN-CVE-2025-40907
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...