CVE-2026-42944

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

CVE-2026-42944

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

CVE-2026-42944

NLnet Labs Unbound 1.14.0–1.25.0 is affected by a heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in replies. The vulnerability requires the options (nsid, answer-cookie, pad-responses) to be enabled, and a querier can trigger the overflow by attaching...

CVE-2026-42944

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

Astra Linux - уязвимость в nss

The NSS code used for checking PKCS1 v1.5 was leaking information useful for launching Bleichenbacher-style attacks. Both the overall correctness of the padding and the length of the encrypted message were exposed through timing side-channels. By sending a large number of ciphertexts selected by...

Astra Linux - уязвимость в openssl1.0

In situations where an attacker receives automated notifications of the success or failure of a decryption attempt, an attacker can recover the CMS/PKCS7 transport encryption key after sending a very large number of messages to be decrypted. They can also decrypt any RSA-encrypted message encrypt...

Astra Linux - уязвимость в openimageio

There are multiple memory corruption vulnerabilities in the IFFOutput alignment padding functionality of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger...

Astra Linux - уязвимость в gnutls28

A vulnerability was identified: the response times for malformed ciphertexts in RSA-PSK ClientKeyExchange differ from those of ciphertexts with correct PKCS1 v1.5 padding...

Astra Linux - уязвимость в nss

During ECDSA signature generation, padding is applied in the nonce to ensure that constant-time scalar multiplication is removed. However, this results in variable-time execution that depends on secret data. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android...

Astra Linux - уязвимость в php8.1, php7.3

The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...

Astra Linux - уязвимость в openssl

There exists a timing-based side channel in the OpenSSL RSA Decryption implementation. This vulnerability could be sufficient for an attacker to recover plaintext across a network in a Bleichenbacher-style attack. To successfully decrypt data, an attacker would need to be able to send a very larg...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an out-of-bounds write issue in smb2getea when performing EA alignment. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the...

PT-2026-42131

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions 1.14.0 through 1.25.0 Description A heap overflow occurs when encoding multiple NSID, DNS Cookie EDNS, and EDNS Padding options in a reply packet. This happens because a flaw in the size calculation of the EDNS fiel...

CVE-2026-42944

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

UBUNTU-CVE-2026-42944

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

CVE-2026-44662

A flaw was found in rust-openssl. When using AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad with an input that is not a multiple of 8, the output buffers are incorrectly sized. This can lead to attacker-controllable heap corruption, allowing an attacker to write up to 7 bytes past the...

PT-2026-42029

CipherCtxRef::cipher update inplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVP aes 128,192,256 wrap pad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corrupti...

libssh2: Fix of 2 CVEs

CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...

CLSA-2026-1778788223 libssh2: Fix of 2 CVEs

CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...