6084 matches found
Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
GHSA-5QCV-4RPC-JP93 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554
Summary of CVE-2026-35554 : A race condition in the Apache Kafka Java producer client’s buffer pool management can cause message corruption and misrouting. When a produce batch expires due to delivery timeout while its network request is in flight, the batch ByteBuffer may be deallocated early an...
CVE-2026-35554 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
PT-2026-31068
Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description When verifying a certificate chain with excluded DNS constraints, these constraints are not correctly applied to wildcard DNS Subject Alternative Names SANs that differ in case. This impacts the validation of...
PT-2026-30827
Name of the Vulnerable Software and Affected Versions Apache Kafka versions 3.9.1 and earlier, 4.0.1 and earlier, and 4.1.1 and earlier Description A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics...
Apache Kafka 安全漏洞
Apache Kafka is an open-source distributed streaming platform developed by the Apache Foundation in the United States. This platform enables the acquisition of real-time data, allowing for the creation of applications that can respond in real time to changes in data streams. There are security...
CVE-2026-35679
Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...
EUVD-2026-19126
Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...
CVE-2026-35679
Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...
CVE-2026-35679
Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...
CVE-2026-35679
Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...
PT-2026-30508
Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...
Zcash 安全特征问题漏洞
Zcash is a decentralized, open-source digital currency. Versions of Zcash prior to 6.12.0 had security vulnerabilities that could lead to the acceptance of invalid transactions under certain conditions, potentially resulting in the depletion of users’ funds in the Sprout pool...
GHSA-6Q22-G298-GRJH Directus: Unauthenticated Denial of Service via GraphQL Alias Amplification of Expensive Health Check Resolver
Summary The GraphQL specification permits a single query to repeat the same field multiple times using aliases, with each alias resolved independently by default. Directus did not deduplicate resolver invocations within a single request, meaning each alias triggered a full, independent execution ...
SUSE CVE-2026-23453
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...
SUSE CVE-2026-23463
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qmandestroyfq When QMANFQFLAGDYNAMICFQID is set, there's a race condition between fqtablefq-idx state and freeing/allocating from the pool and WARNONfqtablefq-idx in qmancreatefq gets...