28 matches found
CVE-2026-6664
CVE-2026-6664 affects PgBouncer prior to 1.25.2, where an integer overflow in the network packet parsing code bypasses a boundary check and can crash the process. An unauthenticated remote attacker can crash PgBouncer by sending a malformed SCRAM authentication packet. The issue affects vulnerabl...
CVE-2026-39312
SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 and likely earlier versions of Developer Edition. An unauthenticated remote attacker can cra...
MGASA-2026-0021 Updated iperf packages fix security vulnerabilities
In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow. CVE-2025-54349 In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt. CVE-2025-54350...
BIT-GITLAB-2025-13927 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data...
CVE-2025-13927
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data...
CVE-2025-13927
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data...
CVE-2025-13927
GitLab CVE-2025-13927 affects GitLab CE/EE versions prior to 18.6.4 (11.9–11.x lineage), 18.7 prior to 18.7.2, and 18.8 prior to 18.8.2. An unauthenticated user could cause a denial-of-service by sending crafted requests with malformed authentication data. The issue has been remediated in the cit...
CVE-2025-13927
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data...
CVE-2025-13927
Removed by vendor...
CVE-2025-13927 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data...
CVE-2026-1102 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malformed SSH authentication requests...
CVE-2026-1102
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malformed SSH authentication requests...
[SECURITY] [DLA 4418-1] python-mechanize security update
Debian LTS Advisory DLA-4418-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert December 22, 2025 https://wiki.debian.org/LTS Package : python-mechanize Version : 1:0.4.5-2+deb11u1 CVE ID : CVE-2021-32837 Erik Krogh Kristensen and Rasmus Petersen from the GitHub...
CLSA-2025-1764679337 iperf3: Fix of 2 CVEs
CVE-2025-54349: fix off-by-one error and heap-based buffer overflow in iperfauth.c - CVE-2025-54350: prevent crash due to assertion failures on malformed authentication attempt in iperfauth.c...
CLSA-2025-1764028726 iperf3: Fix of 2 CVEs
CVE-2025-54349: fix off-by-one error and heap-based buffer overflow in iperfauth.c - CVE-2025-54350: prevent crash due to assertion failures on malformed authentication attempt in iperfauth.c...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: iperf3 (UTSA-2025-984793)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984793 advisory. In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt. Tenable has extracted the...
Linux Distros Unpatched Vulnerability : CVE-2025-54350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt. CVE-2025-54350 Note that...
SUSE CVE-2025-54350
In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...
DEBIAN-CVE-2025-54350
In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...
AZL-66068 CVE-2025-54350 affecting package iperf3 for versions less than 3.18-2
In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...