Astra Linux - уязвимость в firefox, thunderbird

When reading a file, an uninitialized value might have been used as the read limit. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

PT-2026-41781

Because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...

SUSE-SU-2026:1027-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

containerd: OCI image importer memory exhaustion

A flaw was found in containerd. When importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file, where a limit was not applied could cause a denial of service...

CVE-2025-13836

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the http.client.HTTPResponse.read function when used without arguments. An attacker can exhaust system memory and potentially cause application or system instability by sending a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987669 advisory. In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 i2c: i801: Don't silently...

EUVD-2018-8199

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414591 advisory. The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memr...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-408084)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-408084 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is alway...

Linux Distros Unpatched Vulnerability : CVE-2023-34095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends CPDB project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable t...

Linux Distros Unpatched Vulnerability : CVE-2023-32213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird...

Linux Distros Unpatched Vulnerability : CVE-2022-48806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 i2c: i801: Don't silently correct invalid transfer size revealed that ee1004eepromread d...

SUSE CVE-2022-48806

In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...

UBUNTU-CVE-2022-48806

In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...

golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...

Important: firefox

Issue Overview: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash. CVE-2023-1999 In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks...

CVE-2023-32213

When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

DEBIAN-CVE-2023-32213

When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...