18770 matches found
OESA-2026-1105 mod_security_crs security update
The base rules are provided for modsecurity by this package. Security Fixes: The OWASP core rule set CRS is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when processing multipart...
CVE-2025-14822
Mattermost versions 10.11.x = 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens...
um: init cpu_tasks[] earlier
...
CVE-2025-14822
Mattermost versions 10.11.x = 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens...
CVE-2025-14822 DoS from quadratic complexity in model.ParseHashtags
Mattermost versions 10.11.x = 10.11.8 fail to validate input size before processing hashtags which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands space-separated tokens...
BIT-ELK-2026-0530 Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted request. This causes the application to perform redundant processing operations that continuously consume system resources until service degradation or...
CVE-2025-14231
Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02...
CVE-2025-14234
Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02 and...
CVE-2025-14232
Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02...
CVE-2025-14232
Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02...
Canon’s various products have security vulnerabilities
Canon ImageRunner is a product of the Japanese company Canon. Canon ImageRunner is a series of all-in-one black-and-white printers. Canon imagePROGRAF is a large-format printer. Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunctional printer. Several Canon products have...
Canon’s various products have security vulnerabilities
Canon ImageRunner is a product of the Japanese company Canon. Canon ImageRunner is a series of all-in-one black-and-white printers. Canon imagePROGRAF is a large-format printer. Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunctional printer. Several Canon products have...
MiracleLinux 7 : binutils-2.27-34.base.el7 (AXSA:2018-3397:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3397:04 advisory. binutils: Improper bounds check in coffgen.c:coffpointerizeaux allows for denial of service when parsing a crafted COFF file CVE-2018-7208 binutils:...
Cisco Firepower Threat Defense (FTD) Software Multiple Vulnerabilities (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by the following vulnerabilities: - A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001327)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001327 advisory. An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to...
Canon’s various products have security vulnerabilities
Canon ImageRunner is a product of the Japanese company Canon. Canon ImageRunner is a series of all-in-one black-and-white printers. Canon Color imageCLASS is a series of printers. Canon Satera is also a series of printers. Several Canon products have security vulnerabilities; these vulnerabilitie...
Canon’s various products have security vulnerabilities
Canon ImageRunner is a product of the Japanese company Canon. Canon ImageRunner is a series of all-in-one black-and-white printers. Canon imagePROGRAF is a large-format printer. Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunctional printer. Several Canon products have...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.232.b09-0.el7 (AXSA:2019-4346:06)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4346:06 advisory. OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 OpenJDK: Unexpected exception thrown during regular...
PT-2026-3241
Name of the Vulnerable Software and Affected Versions Mattermost versions 10.11.0 through 10.11.8 Description Mattermost versions 10.11.x up to and including 10.11.8 do not properly validate the size of input before processing hashtags. This allows an authenticated attacker to consume excessive C...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003761)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003761 advisory. An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the...