[SECURITY] Fedora 43 Update: libssh2-1.11.1-6.fc43
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
EUVD-2026-26698
AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer (MAXDIAGNOSTICPAYLOADSIZE=6) but copies up to 7 bytes (MAXUDSREQUESTPAYLOADLENGTH=7) via memcpy at an offset of 1+pidlength (2-3 bytes),...
Amazon Linux 2023 : ngtcp2, ngtcp2-crypto-gnutls, ngtcp2-crypto-gnutls-devel (ALAS2023-2026-1633)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1633 advisory. ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer...
[SECURITY] [DSA 6222-1] ngtcp2 security update
Debian Security Advisory DSA-6222-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 21, 2026 https://www.debian.org/security/faq -...
[SECURITY] Fedora 44 Update: cpp-httplib-0.37.1-2.fc44
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code!...
CVE-2026-28799
A flaw was found in PJSIP. A remote attacker can exploit a heap use-after-free vulnerability within the event subscription framework by sending a specially crafted message during presence unsubscription. This can lead to a denial of service, making the affected system unavailable. Mitigation...
UBUNTU-CVE-2026-22776
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service (DoS) vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies (Content-Encoding: gzip, br, etc.). The library validates the...
RHEL 9 : libssh (RHSA-2025:23024)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23024 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect...
Linux Distros Unpatched Vulnerability : CVE-2025-61911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - python-ldap is a lightweight directory access protocol (LDAP) client API for Python. In versions prior to 3.4.5, the sanitization method...
EUVD-2014-6453
Malware in sbrugna...
CVE-2024-45402
Picotls is a TLS protocol library that allows users to select different crypto backends based on their use case. When parsing a spoofed TLS handshake message, picotls (specifically, bindings within picotls that call the crypto libraries) may attempt to free the same memory twice. This double free occu...
CVE-2024-45402
CVE-2024-45402 describes a double free in Picotls when parsing a spoofed TLS handshake, specifically in bindings that call crypto libraries. The issue causes the same memory to be freed twice during disposal of multiple objects with no intervening malloc, potentially triggering malloc abort and, ...
CVE-2024-43544
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability...
CentOS 9 : freerdp-2.4.1-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the freerdp-2.4.1-5.el9 build changelog. - Fix length checks in parallel driver 2136152 CVE-2022-39282 - Add missing length check in video channel 2136154 CVE-2022-39283 - FreeRDP ...
SUSE CVE-2024-25110
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
The vulnerability of .NET components in the communication protocol library for connecting components of ASU TP Triangle MicroWorks DNP3 Source Code Library, a control platform for managing public distribution and transmission networks of Schneider Electric Saitel DR RTU, allows an intruder to cause a service failure.
The vulnerability of .NET components in the communication protocol library used for connecting components of ASU systems like Triangle MicroWorks DNP3 Source Code Library in Schneider Electric Saitel DR RTU control platforms lies in the fact that the operation results are stored outside of the...
CVE-2022-35747
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability...
CVE-2023-21695
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability...
CVE-2022-39317
FreeRDP (ZGFX decoder) is affected by CVE-2022-39317: a missing range check on the input offset index in the ZGFX decoder can allow a malicious server to cause an out-of-bounds read and attempted decoding. This is addressed in FreeRDP version 2.9.0 and later. Affected products are FreeRDP librari...
The vulnerability of the TMW IEC 61850 Software Library and the TMW IEC 60870-6 (ICCP/TASE.2) Software Library lies in their inability to access uninitialized indicators, allowing attackers to cause service failures.
The vulnerability of the TMW IEC 61850 Software Library and the TMW IEC 60870-6 ICCP/TASE.2 Software Library relates to the access to an uninitialized indicator. Exploiting this vulnerability could allow a malicious actor to cause a service failure...