33 matches found
OPENSUSE-SU-2026:20505-1 Security update for corosync
This update for corosync fixes the following issues: - CVE-2026-35091: Denial of Service and information disclosure via crafted UDP packet bsc1261299. - CVE-2026-35092: Denial of Service via integer overflow in join message validation bsc1261300...
CVE-2026-5264
CVE-2026-5264 describes a heap buffer overflow in DTLS 1.3 ACK message processing. The vulnerability can be triggered by a remote attacker that sends a crafted DTLS 1.3 ACK message, potentially enabling high-impact outcomes as reflected by the associated CVSS metrics (NVD: AV:N/AC:L/PR:N/UI:N/S:U...
Linux Distros Unpatched Vulnerability : CVE-2026-35092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send...
CVE-2026-35092
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...
EUVD-2026-10335
The rtsockmsgbuffer function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddrstorage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not necessarily the case, and it's...
PT-2025-53611
Name of the Vulnerable Software and Affected Versions ESF-IDF versions 5.5.1 through 5.1.6 Description ESF-IDF, the Espressif Internet of Things IOT Development Framework, contains a flaw in the avrc vendor msg function within the BlueDroid AVRCP stack. The function validates the allocated buffer...
EUVD-2024-1856
Malicious code in bioql PyPI...
GHSA-X9VC-6HFV-HG8C Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow
Summary The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This causes Npgsql to write a message size that is...
In libssh2 v1.9.0 and earlier versions the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
...
The vulnerability of the SIP server Kamailio, which allows attackers to trigger a service failure or execute arbitrary codes.
The vulnerability of the encodemsg function in the encodemsg.c file of the SEAS SIP server module Kamailio arises due to an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a remote attacker to cause a service failure or execute arbitrary code memory corruption, emergen...
Sylpheed, Sylpheed-claws: Message reply overflow
Background Sylpheed is a lightweight email client and newsreader. Sylpheed-claws is a 'bleeding edge' version of Sylpheed. Description Sylpheed and Sylpheed-claws fail to properly handle non-ASCII characters in email headers when composing reply messages. Impact An attacker can send an email...
Vypress < 4.0 First Message Field Overflow
Binary data 2347.prm...
Remote crashes in Yahoo messenger
All versions of Yahoo messenger version 5. Listens on port 5101 on client machine. obviously to offload server traffic for IMs problems: for all of the problems listed below, the traffic is sent to the yahoo messenger opened port, 5101 1. One can crash yahoo messenger by overflowing the message...