124 matches found
PT-2026-23820
Name of the Vulnerable Software and Affected Versions Easy PHP Settings plugin for WordPress versions up to and including 1.0.4 Description The Easy PHP Settings plugin for WordPress is susceptible to PHP Code Injection due to inadequate input validation on the wp memory limit and wp max memory...
Ubuntu: Security Advisory (USN-8037-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8037-1: DNSdist vulnerabilities
It was discovered that HTTP/2, which is used/vendored by DNSdist, did not properly account for resources when handling client-triggered stream resets. An attacker could possibly use this issue to cause a denial of service. CVE-2025-8671 It was discovered that DNSdist did not properly manage memor...
MiracleLinux 9 : golang-1.18.9-1.el9, go-toolset-1.18.9-1.el9 (AXSA:2023-4904:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4904:01 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004407)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004407 advisory. A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver,...
CVE-2025-66627
Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory...
UBUNTU-CVE-2025-40245
In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990307)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990307 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with...
Security update 5.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-alertmanager: Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document th...
GHSA-G46H-2RQ9-GW5M OpenBao has potential Denial of Service vulnerability when processing malicious unauthenticated JSON requests
Summary JSON objects after decoding might use more memory than their serialized version. It is possible to tune a JSON to maximize the factor between serialized memory usage and deserialized memory usage similar to a zip bomb. While reproducing the issue, we could reach a factor of about 35. This...
OpenBao has potential Denial of Service vulnerability when processing malicious unauthenticated JSON requests
Summary JSON objects after decoding might use more memory than their serialized version. It is possible to tune a JSON to maximize the factor between serialized memory usage and deserialized memory usage similar to a zip bomb. While reproducing the issue, we could reach a factor of about 35. This...
EUVD-2004-0490
Malware in sbrugna...
EUVD-1999-1499
Malware in sbrugna...
EUVD-2006-7033
Malware in sbrugna...
EUVD-2021-0072
Malware in sbrugna...
EUVD-2025-0098
Malicious code in bioql PyPI...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the parser process. An attacker can cause excessive memory consumption by submitting a specially crafted XML document, resulting in service disruption due to resource exhaustion...
CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion
Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...
CVE-2025-59045 Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion
Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory consumption through...
CVE-2024-52791
Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. MMR makes requests to other servers as part of normal operation, and these resource owners can return large amounts of JSON back to MMR for parsing. In parsing, MMR can consume large amounts of memory and...