CLSA-2026-1778750122 Fix CVE(s): CVE-2026-27857

SECURITY UPDATE: imap-login excessive memory usage DoS ELSCVE-123445 - debian/patches/CVE-2026-27857.patch: limit IMAP parser open list count via new imapparserparams struct; cap pre-auth IMAPLOGINLISTCOUNTLIMIT to 1. Squashes upstream commits 825bc297, d0f67b52, af1fb4da, 3435e0d44. -...

Wireshark 资源管理错误漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4 contained a resource management vulnerability, which was caused by a crash i...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis software developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

GO-2026-4789 Packetbeat does not properly validate an array index in multiple protocol parser components in github.com/elastic/beats

Packetbeat does not properly validate an array index in multiple protocol parser components in github.com/elastic/beats...

CVE-2026-26933

Improper Validation of Array Index CWE-129 in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...

CVE-2026-26932

Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...

Webpack 代码问题漏洞

Webpack is a module bundler developed by Webpack contributors. Its primary purpose is to bundle JavaScript files for use in browsers. However, it can also convert, bundle, or package almost any resource or asset. Versions of Webpack from 5.49.0 to 5.104.1 contained code vulnerabilities. These...

CVE-2025-63649

An out-of-bounds read in the httpparsertransferencodingchunked function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the server...

PT-2026-5333

An out-of-bounds read in the http parser transfer encoding chunked function mk server/mk http parser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the server...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the MongoDB protocol parser. An attacker can cause buffer overflows by sending specially crafted network traffic to a monitored network interface where MongoDB protocol parsing is enabled...

Wireshark 安全漏洞

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in Wireshark versions 4.6.0 through 4.6.2, which stems from an...

Elastic Packetbeat 安全漏洞

Elastic Packetbeat is a data collector from the Dutch company Elastic. Elastic Packetbeat suffers from a security vulnerability that stems from improper validation of array indexes by the MongoDB protocol parser, which could lead to a buffer overflow...

EUVD-2024-41605

Malicious code in bioql PyPI...

Apache bRPC Denial of Service Vulnerability

Apache bRPC is the United States Apache Apache Foundation's industrial-grade RPC framework for building reliable and high-performance services. A denial of service vulnerability exists in Apache bRPC, which stems from improper memory allocation in the Redis protocol parser, and can be exploited b...

CVE-2025-54472

CVE-2025-54472 affects Apache bRPC’s Redis protocol parser. The root cause is unbounded memory allocation when parsing Redis protocol data, where arrays/strings are allocated based on network-provided integers; if a value is too large, a bad_alloc can crash the service. The issue also affects 1.1...

CVE-2025-54472 Apache bRPC: Redis Parser Remote Denial of Service

Unlimited memory allocation in redis protocol parser in Apache bRPC all versions 1.14.1 on all platforms allows attackers to crash the service via network. Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers re...

Apache bRPC 安全漏洞

Apache bRPC is the United States Apache Apache Foundation's industrial-grade RPC framework for building reliable and high-performance services. A denial of service vulnerability exists in Apache bRPC, which stems from improper memory allocation in the Redis protocol parser, and can be exploited b...

Linux Distros Unpatched Vulnerability : CVE-2024-45797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and...

PT-2024-27229 · Openplc · Openplc

Name of the Vulnerable Software and Affected Versions: OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88 Description: An out-of-bounds read issue exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality. A specially crafted network request can lead to denial of service. An attacker c...