Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: rejecting malformed HCICMDSYNC commands In mgmthcicmdsync, check whether the size of the parameters passed in struct mgmtcphcicmdsync matches the total size of the data i.e., sizeofstruct mgmtcphcicmdsync plus th...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the HandleApplicationDataInfluenceDataSubsToNotifyGet process. An attacker can access sensitive subscriber identifiers by sending unauthenticated HTTP GET requests to the affected endpoint without any query...

EUVD-2026-10908

Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing...

CVE-2026-31812

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...

CVE-2026-31812

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...

CVE-2026-31812 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...

CVE-2019-25401

Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the printer's web service, causing a denial of service...

CVE-2019-25401

Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin) has a denial-of-service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the web service, causing DoS. CVSS metrics are provided: ...

PT-2026-20531

Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript...

EUVD-2020-30190

Malware in sbrugna...

EUVD-2004-0066

Malware in sbrugna...

SUSE CVE-2025-38128

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: reject malformed HCICMDSYNC commands In 'mgmthcicmdsync', check whether the size of parameters passed in 'struct mgmtcphcicmdsync' matches the total size of the data i.e. 'sizeofstruct mgmtcphcicmdsync' plus...

PoDoFo Resource Management Error Vulnerability

PoDoFo is a free portable C++ library open-sourced by PoDoFo. A resource management error vulnerability exists in PoDoFo version 0.10.0, which stems from the function PoDoFo::PdfEncrypt::IsMetadataEncrypted containing heap reuse after release. A remote attacker can exploit this vulnerability to...

Google Pixel Resource Management Error Vulnerability (CNVD-2023-00002)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a resource management error vulnerability. A remote attacker can exploit this vulnerability to cause a denial of service disk consumption and large number of notifications with the help of a series of...

CVE-2021-46389

IIPImage High Resolution Streaming Image Server prior to commit 882925b295a80ec992063deffc2a3b0d803c3195 is affected by an integer overflow in iipsrv.fcgi through malformed HTTP query parameters...

CVE-2020-25132

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. Sending the improper variable type Array allows a bypass of core SQL Injecti...

CVE-2020-10957

In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp...

ALPINE-CVE-2020-10957

In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp...

CVE-2020-10957

In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp...

Updated sympa packages fix security vulnerability

Updated sympa packages fix security vulnerability: Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters CVE-2020-9369...