CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...

EUVD-2021-26929

Malware in sbrugna...

kernel: net/sched: Fix UAF when resolving a clash

A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...

CVE-2019-3833

...

openwsman: Infinite loop in process_connection() allows denial of service

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in processconnection when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server...

openwsman: Infinite loop in process_connection() allows denial of service

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in processconnection when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server...

openSUSE Security Update : openwsman (openSUSE-2019-1217)

This update for openwsman fixes the following issues : Security issues fixed : - CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure bsc1122623. - CVE-2019-3833: Fixed a vulnerability in processconnection which could allow an attacker to trigger ...

SUSE SLES11 Security Update : openwsman (SUSE-SU-2019:13981-1)

This update for openwsman fixes the following issues : Security issues fixed : CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure bsc1122623. CVE-2019-3833: Fixed a vulnerability in processconnection which could allow an attacker to trigger an...

AZL-37152 CVE-2019-3833 affecting package openwsman for versions less than 2.6.8-13

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in processconnection when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server...

PT-2019-1633 · Openwsman +5 · Openwsman +5

Name of the Vulnerable Software and Affected Versions: Openwsman versions up to and including 2.6.9 Description: The issue is related to an infinite loop in the process connection function when parsing specially crafted HTTP requests, such as /api/v1/login. A remote, unauthenticated attacker can...

ALPINE-CVE-2017-3169

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port...

PT-2016-3171 · Apache +5 · Apache Http Server +5

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server mod ssl versions 2.2.x through 2.2.32 Apache HTTP Server mod ssl versions 2.4.x through 2.4.25 Description: The issue is related to a NULL pointer dereference error in the mod ssl module of the Apache HTTP Server. This erro...