OPENSUSE-SU-2026:20854-1 Security update for rqlite

This update for rqlite fixes the following issues: Changes in rqlite: - Update to version 10.2.0: Support verifying mTLS peer Common Name Console supports restore from SQLite data Console "count rows" respects current Tables Expand/Collapse state Console supports dropping indexes Further Console...

UBUNTU-CVE-2026-6761

Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

PT-2026-26181

Name of the Vulnerable Software and Affected Versions libp2p-rust versions prior to 0.49.3 Description The libp2p-rust Gossipsub implementation is susceptible to a remote, unauthenticated denial-of-service condition. The implementation accepts attacker-controlled PRUNE backoff values and performs...

CVE-2025-67726

Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values, such as thos...

EUVD-2021-0072

Malware in sbrugna...

ALSA-2024:10590 Important: python-tornado security update

Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fixes: python-tornado: Tornado has HTTP cookie parsing DoS vulnerability CVE-2024-52804 For more details about the security issues,...

Important: Red Hat Security Advisory: python-gevent security update

An update for python-gevent is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ALSA-2024:8834 Important: python-gevent security update

gevent is a coroutine-based Python networking library that uses greenlet to provide a high-level synchronous API on top of libevent event loop. Features include: convenient API around greenlets familiar synchronization primitives gevent.event, gevent.queue socket module that cooperates WSGI serve...

Important: Red Hat Security Advisory: python-gevent security update

An update for python-gevent is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-eventlet) security update

An update for python-eventlet is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2023:6523 Moderate: python-tornado security update

Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fixes: python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations CVE-2023-28370 For more details...

Eventlet Security Vulnerabilities

Eventlet is a concurrent networking library for Python. There is a security vulnerability in python-eventlet that stems from a regression introduced in the Red Hat build version that resulted in patches not being applied to all versions of all products...

SUSE CVE-2019-11236

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter...

Denial of Service (DoS)

Overview apple/swift-nio-http2 is a HTTP/2 support for SwiftNIO. Affected versions of this package are vulnerable to Denial of Service DoS. This can be caused by a network peer sending ALTSVC or ORIGIN frames, due to a logical error after frame parsing but before frame handling. Details Denial of...

Debian DSA-4946-1 : openjdk-11 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4946 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java S...

USN-4956-1: Eventlet vulnerability

It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

CVE-2021-21419

Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to...

Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games

Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected third-party game servers. "An attacker could remotely crash an opponent's game client to force a win or even...

UBUNTU-CVE-2020-10756

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6sendechoreply routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory,...

ZeroMQ: Code execution

Background Looks like an embeddable networking library but acts like a concurrency framework Description Please reference the CVE for details. Impact Please reference the CVE for details. Workaround There is no known workaround at this time. Resolution All ZeroMQ users should upgrade to the lates...