PT-2026-38280

Name of the Vulnerable Software and Affected Versions Netty versions 4.2.0.Final through 4.2.12.Final Description Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed. This occurs when a connection has ALLOW HALF CLOSURE enabled or is in a...

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime via the DML component. An attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network with high privileges. Remediation Upgrade libmysqlclie...

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the GetTypeMetrics function. An attacker can cause memory resources to be exhausted by providing a TXT file with a texture attribute that triggers a failure in metric retrieval,...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the mpegl3encoderinit function. An attacker can cause excessive memory consumption by repeatedly invoking this function, potentially leading to resource exhaustion. Remediation A fi...

Linux Distros Unpatched Vulnerability : CVE-2023-53592

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gpio: sifive: Fix refcount leak in sifivegpioprobe ofirqfindparent returns a node pointer wi...

EUVD-2022-52806

Malicious code in bioql PyPI...

CVE-2025-44003

Missing Release of Resource after Effective Lifetime CWE-772 in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled. This issue affects T-Series Readers: 9.20 prior to vCR9.20.250213a...

Security Bulletin: IBM Technical Suppport Appliance - possible security flaws or denial of service

Summary Numerous fixes to the Linux kernel for reported issues related to various security vulnerabilities such as demnial of service, unauthorized access, or leakage of sensitive data. Vulnerability Details CVEID:CVE-2019-25162 DESCRIPTION: Linux Kernel s vulnerable to a denial of service, cause...

Juniper Junos OS Vulnerability (JSA96457)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96457 advisory. - A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated...

CVE-2022-49568 KVM: Don't null dereference ops->destroy

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: 1 destroy which is called when the VM is being destroyed; 2 release which is called when a device fd is closed. Most KVM devices use...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to the handling of HTTP requests with low timeouts which allows an unauthenticated attacker to repeatedly send specially crafted requests that trigger a memory leak. Remediation...

CVE-2024-53198

In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbusdevprobe This patch fixes an issue in the function xenbusdevprobe. In the xenbusdevprobe function, within the if err branch at line 313, the program incorrectly...

CVE-2024-45802 Squid Denial of Service

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

CVE-2024-47493 Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. In case of channelized Modular...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.21 LTS, 12.0.4 LTS and 12.4.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...

Exploit for Missing Release of Memory after Effective Lifetime in Realtek Rtsper

CVE-2024-40431+CVE-2022-25479 chain for EOPDATA ONLY ATTACK...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing skbuff release in seg6inputcore...

CVE-2024-27023

In CVE-2024-27023, the Linux kernel md subsystem (md) had a flaw where active_io was not released when flush_pending fell to zero, causing mddev_suspend() to wait forever. The fix releases active_io in submit_flushes() as soon as flush_pending transitions to zero, preventing the hang. The descrip...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to a memory leak flaw in the pmaprmt.c file. An attacker can lead to a denial of service through memory exhaustion by exploiting this flaw. Remediation There is no fixed version for...