39 matches found
BIT-PYTHON-2025-13836 Excessive read buffering DoS in http.client
When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS...
CVE-2026-27015 FreeRDP: Smartcard NDR Alignment Padding Triggers Reachable WINPR_ASSERT Abort (Client DoS)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in smartcardunpackreadsizealign libfreerdp/utils/smartcardpack.c:1703 allows a malicious RDP server to crash the FreeRDP client via a reachable WINPRASSERT → abort. The crash occurs in...
EUVD-2025-200070
When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS...
CVE-2025-13836
When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990881)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990881 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata i2037 AM65x SR 1.0 Errata i2037 in AM65x/DRA80xM...
EUVD-2025-28922
Malicious code in bioql PyPI...
kernel: usb: typec: ucsi: Limit read size on v1.2
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 The Linux kernel CVE team has assigned CVE-2024-35924 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T...
CVE-2024-44460
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service DoS...
DEBIAN-CVE-2024-53219
In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...
UBUNTU-CVE-2024-50282
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread Avoid a possible buffer overflow if size is larger than 4K. cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434...
kernel: usb: typec: ucsi: Limit read size on v1.2
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 The Linux kernel CVE team has assigned CVE-2024-35924 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T...
DEBIAN-CVE-2024-47667
In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata i2037 AM65x SR 1.0 Errata i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0 SPRZ452DJuly 2018Revised December 2019 1 mentions when an inbound PCIe TLP spans more than two internal AXI...
UBUNTU-CVE-2024-47667
In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata i2037 AM65x SR 1.0 Errata i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0 SPRZ452DJuly 2018Revised December 2019 1 mentions when an inbound PCIe TLP spans more than two internal AXI...
CVE-2024-45993
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb...
CVE-2024-44460
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service DoS...
CVE-2024-44460
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service DoS...
PT-2024-31159 · Nanomq · Nanomq
Name of the Vulnerable Software and Affected Versions: Nanomq version 0.21.9 Description: The issue is related to an invalid read size, allowing attackers to cause a Denial of Service DoS. Recommendations: For Nanomq version 0.21.9, at the moment, there is no information about a newer version tha...
CVE-2024-44460
Nanomq is affected by CVE-2024-44460 due to an invalid read size in version v0.21.9, which can lead to a Denial of Service. Public sources consistently describe the issue as impacting Nanomq v0.21.9 and confirming a DoS condition, but do not provide a confirmed patch or fixed version in the suppl...
kernel: usb: typec: ucsi: Limit read size on v1.2
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 The Linux kernel CVE team has assigned CVE-2024-35924 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T...
kernel: usb: typec: ucsi: Limit read size on v1.2
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 The Linux kernel CVE team has assigned CVE-2024-35924 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T...