249 matches found
Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion
Zeta Producer Desktop CMS before 14.2.1 is vulnerable to local file inclusion if the plugin "filebrowser" is installed because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal. id: CVE-2018-13980 info: name: Zeta Producer Desktop CMS 14.2.1 - Local File Inclusion author...
Security Bulletin: There is a vulnerability in kafka-clients-3.9.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-35554)
Summary There is a vulnerability in kafka-clients-3.9.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-35554 DESCRIPTION: A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increasing the job count before swapping the SPSC queue. There is a minor race condition between spscqueuepush and the run-job worker. In this race condition, spscqueuepush may return not-first, while the run-job worke...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: wraparound mbox producer index The driver does not handle the wraparound of the mbox producer index correctly. Currently, the wraparound occurs once the u32 maximum value is reached. Bit 31 of the producer index...
Security Bulletin: IBM WebSphere Automation is vulnerable to CVE-2026-35554 which affects the kakfa client library
Summary IBM WebSphere Automation is vulnerable to CVE-2026-35554, which causes a race condition in the Apache Kafka Java producer client's buffer pool management which can cause messages to be silently delivered to incorrect topics. Vulnerability Details CVEID:CVE-2026-35554 DESCRIPTION: A race...
Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management
A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer...
Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Summary In addition to many updates of operating system level packages, the following security vulnerability is addressed in IBM Business Automation Manager Open Editions 8.0.9-IF0001 Vulnerability Details CVEID:CVE-2026-35554 DESCRIPTION: A race condition in the Apache Kafka Java producer client...
Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management
A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer...
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to a flaw in the default filtering mechanism HeaderFilterStrategy that only blocks headers starting with specific prefixes. An attacker can execute arbitrary code and write files by injecting...
SUSE CVE-2026-35554
A race condition in the Apache Kafka Java producer client's buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch's ByteBuffer is...
CVE-2026-35554
A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer...
GHSA-5QCV-4RPC-JP93 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
EUVD-2026-19631
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
CVE-2026-35554 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...
Apache Kafka 安全漏洞
Apache Kafka is an open-source distributed streaming platform developed by the Apache Foundation in the United States. This platform enables the acquisition of real-time data, allowing for the creation of applications that can respond in real time to changes in data streams. There are security...
EUVD-2026-18772
In the Linux kernel, the following vulnerability has been resolved: bnxten: fix OOB access in DBGBUFPRODUCER async event handler The ASYNCEVENTCMPLEVENTIDDBGBUFPRODUCER handler in bnxtasynceventprocess uses a firmware-supplied 'type' field directly as an index into bp-bstrace without bounds...