CVE-2026-32937

This CVE affects free5GC CHF prior to v1.2.2, where an out-of-bounds slice access in nchf-convergedcharging RechargePut(...) can be triggered by an authenticated PUT to /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=.... The result is a server-side panic converted to HTTP 500 by Gin, ena...

CVE-2026-32724 PX4 autopilot has a heap Use-After-Free in MavlinkShell::available() via SERIAL_CONTROL Race Condition

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc1, a heap-use-after-free is detected in the MavlinkShell::available function. The issue is caused by a race condition between the MAVLink receiver thread which handles shell creation/destruction and the telemetry sender thre...

subversion:1.10 security update

An update is available for utf8proc, libserf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Subversion SVN is a concurrent version control system which enables...

CVE-2020-8623 A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c

In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...

SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2020:0454-1)

This update for nodejs8 fixes the following issues : Security issues fixed : CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string CVE-2019-15604, bsc1163104. CVE-2019-15605: Fixed an HTTP request smuggling vulnerability via malformed...

OPENSUSE-SU-2020:0179-1 Security update for ucl

This update for ucl fixes the following issues: CVE-2018-11243: Fix remotely triggerable DoS via double free boo1094138 This update was imported from the openSUSE:Leap:15.1:Update update project...

OPENSUSE-SU-2020:0162-1 Security update for ucl

This update for ucl fixes the following issues: CVE-2018-11243: Fix remotely triggerable DoS via double free boo1094138...

[SECURITY] [DSA 4514-1] varnish security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4514-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 04, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DLA 311-1] rpcbind security update

Package : rpcbind Version : 0.2.0-4.1+deb6u1 CVE ID : CVE-2015-7236 A use-after-free vulnerability in rpcbind causing remotely triggerable crash was found. Rpcbind crashes in svcdodestroy when trying to free a corrupted xprt-xpnetid pointer, which contains a sockaddrin...

DLA-311-1 rpcbind - security update

Bulletin has no description...

Appweb Web Server Denial Of Service

Affected software: Appweb Web Server CVE ID: CVE-2014-9708 Description: An HTTP request with a Range header of the form "Range: x=," ie. with an empty range value will cause a null pointer dereference, leading to a remotely-triggerable DoS. Fixed versions: 4.6.6, 5.2.1 Bug entry:...

bind: 9.9.3P2 security and bugfix update (important)

The BIND nameserver was updated to 9.9.3P2 to fix a security issue where incorrect bounds checking on private type 'keydata' could lead to a remotely triggerable REQUIRE failure. CVE-2013-4854, bnc831899...

Fedora 11 : krb5-1.6.3-31.fc11 (2010-8796)

Shawn Emery discovered a remotely-triggerable NULL pointer dereference in the Kerberos GSS-API library which could be used to cause GSS-API-authenticated services to crash. This update incorporates fixes to instead correctly detect the error and return an error code. Note that Tenable Network...