Lucene search

16 matches found

Cvelist
added 2026/05/19 5:0 a.m. | 40 views

CVE-2026-8813

This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing, ExifReader repeatedly processes the same record and appends entries to an array without sufficien...

CVSS 8.7 | EPSS 0.00458
Exploits: 0 | References: 3

Vulnrichment
added 2026/04/30 5:41 p.m. | 7 views

CVE-2026-3832 Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

CVSS 3.7 | AI score 5.5 | EPSS 0.00286
Exploits: 1 | References: 8

CVE
added 2026/01/28 7:30 p.m. | 23 views

CVE-2025-61730

CVE-2025-61730: TLS handshake messages may be processed at the wrong encryption level, potentially allowing information disclosure if an attacker can inject handshake messages. The connected advisories link this to crypto/tls in affected Amazon Linux 2 components (e.g., docker, containerd, ecs ru...

CVSS 5.3 | AI score 7.3 | EPSS 0.00276
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 2025/10/27 4:41 p.m. | 2 views

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list. Each recvmsg call must process either - only contiguous DATA records (any number of them) - one non-DATA record. If the next record has different type than what has already been...

CVSS 7.1 | AI score 6.7 | EPSS 0.00178
Exploits: 1 | References: 5

SUSE CVE
added 2025/09/08 11:22 p.m. | 2 views

SUSE CVE-2025-39682

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list. Each recvmsg call must process either - only contiguous DATA records (any number of them) - one non-DATA record. If the next record has different type than what has already been...

CVSS 7 | AI score 6.4 | EPSS 0.00178
Exploits: 1 | References: 75

OSV
added 2024/11/13 11:15 a.m. | 1 views

ALPINE-CVE-2024-4741

Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...

CVSS 7.5 | AI score 7.3 | EPSS 0.02945
Exploits: 0 | References: 1

OSV
added 2024/05/28 12:0 a.m. | 2 views

UBUNTU-CVE-2024-4741

Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...

CVSS 7.5 | AI score 7.2 | EPSS 0.02945
Exploits: 0 | References: 5

IBM Security Bulletins
added 2024/01/09 1:38 p.m. | 37 views

Security Bulletin: Multiple vulnerabilities in Golang Go may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2022-32149, CVE-2022-41721, CVE-2022-41723, CVE-2022-41724, CVE-2022-41725 and CVE-2023-24532)

Summary There are multiple vulnerabilities in Golang Go used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-32149 DESCRIPTION: Golang Go is vulnerable to a denial...

CVSS 7.5 | AI score 7.6 | EPSS 0.04561
Exploits: 1 | Affected Software: 1

OSV
added 2021/06/01 2:40 p.m. | 5 views

SUSE-SU-2021:1826-1 Security update for bind

This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR) which could have caused named to terminate unexpectedly (bsc1185345). - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records...

CVSS 7.5 | AI score 7 | EPSS 0.11387
Exploits: 0 | References: 5

Microsoft CVE
added 2021/05/10 7:0 a.m. | 3 views

An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

...

CVSS 7.5 | AI score 7 | EPSS 0.11387
Exploits: 0

RedHat Linux
added 2021/04/29 3:22 p.m. | 1 views

bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability...

CVSS 7.5 | AI score 6.7 | EPSS 0.11387
Exploits: 0 | References: 5

OSV
added 2020/01/06 12:0 p.m. | 17 views

RUSTSEC-2020-0001 Stack overflow when resolving additional records from MX or SRV null targets

There's a stack overflow leading to a crash and potential DOS when processing additional records for return of MX or SRV record types from the server. This is only possible when a zone is configured with a null target for MX or SRV records, i.e. '.'. Example affected zone record: text no-service...

CVSS 7.5 | AI score 7.6 | EPSS 0.01439
Exploits: 1 | References: 3

IBM Security Bulletins
added 2018/06/17 4:54 a.m. | 47 views

Security Bulletin: Vulnerabilities in RequisitePro GSKit Component (CVE-2014-0963)

Summary A vulnerability in IBM Rational RequisitePro in relation to TLS Record Processing has been discovered related to TLS 1.0 and later which can result in high CPU utilization that requires a system reboot to resolve. Vulnerability Details | Subscribe to My Notifications to be notified of...

CVSS 7.1 | AI score 0.5 | EPSS 0.03077
Exploits: 0 | Affected Software: 1

Oracle linux
added 2011/12/14 12:0 a.m. | 38 views

squid security update

-7:3.1.10-1.el62.1 - Resolves: 755016 - CVE-2011-4096: Invalid free by processing CNAME DNS record...

CVSS 5 | AI score 1.8 | EPSS 0.38321
Exploits: 0

securityvulns
added 2010/08/26 12:0 a.m. | 61 views

ZDI-10-164: Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Execution Vulnerability

ZDI-10-164: Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-164 August 24, 2010 -- CVE ID: CVE-2010-2876 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products:...

CVSS 9.3 | AI score 0.3 | EPSS 0.06051
Exploits: 0

Zero Day Initiative
added 2010/08/24 12:0 a.m. | 36 views

Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 9 | AI score 7 | EPSS 0.06051
Exploits: 0 | References: 1