
116 matches found

CVE
added 4 hours ago, 12 views

CVE-2026-54280

CVE-2026-54280 affects AIOHTTP. Before 3.14.1, payload resources may not be closed if a client disconnects during a write, risking temporary resource starvation (e.g., open files) with no additional impact details provided. The issue is fixed in 3.14.1. The CVSS-based note in the initial data ind...

CVSS 6.3, AI score 5.8, EPSS 0.00024
Exploits: 0, References: 2
ATTACKERKB
added 4 hours ago, 3 views

CVE-2026-54280

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a payload is using an open file or similar limited resource, then an attacker may be able to cause...

CVSS 6.3, AI score 5.8, EPSS 0.00024
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2026/06/15 8:10 p.m., 2 views

GHSA-9X8Q-7H8H-WCW9 aiohttp: Payload Response Resources Are Not Closed After Mid-Body Disconnect

Summary Payload resources are not closed correctly when a client disconnects in the middle of a write. Impact If a payload is using an open file or similar limited resource, then an attacker may be able to cause resource starvation temporarily until garbage collection or similar closes the file...

CVSS 6.3, AI score 5.3, EPSS 0.00024
Exploits: 0, References: 3
Github Security Blog
added 2026/06/15 8:10 p.m., 7 views

aiohttp: Payload Response Resources Are Not Closed After Mid-Body Disconnect

Summary Payload resources are not closed correctly when a client disconnects in the middle of a write. Impact If a payload is using an open file or similar limited resource, then an attacker may be able to cause resource starvation temporarily until garbage collection or similar closes the file...

CVSS 6.3, AI score 5.3, EPSS 0.00024
Exploits: 0, References: 3, Affected Software: 1
Positive Technologies
added 2026/06/15 12:0 a.m., 7 views

PT-2026-49594

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description Payload resources are not closed correctly when a client disconnects during a write operation. If a payload utilizes an open file or other limited resources, an attacker can cause temporary resource...

CVSS 6.3, AI score 5.8, EPSS 0.00024
Exploits: 0, References: 5
Vulnrichment
added 2026/05/22 7:0 a.m., 6 views

CVE-2026-5072 ptp: Potential Denial of Service via PTP Interval Shift

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...

AI score 5.9, EPSS 0.00188
Exploits: 0, References: 1
Tenable Nessus
added 2026/01/16 12:0 a.m., 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004345)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004345 advisory. An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A...

CVSS 4.6, AI score 6.4, EPSS 0.0046
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2017-0659

Malware in sbrugna...

CVSS 7.5, AI score 7.6, EPSS 0.02664
Exploits: 0, References: 4
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-16230

Malware in sbrugna...

CVSS 7.5, AI score 7.5, EPSS 0.01044
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-2055

Malware in sbrugna...

CVSS 6.5, AI score 6.5, EPSS 0.01605
Exploits: 1, References: 6
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2003-0795

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01384
Exploits: 0, References: 4
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2021-6588

Malicious code in bioql PyPI...

CVSS 5.5, AI score 5.6, EPSS 0.00212
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2022-43239

Malicious code in bioql PyPI...

CVSS 4.6, AI score 6.8, EPSS 0.0046
Exploits: 0, References: 6
Vulnrichment
added 2025/07/23 8:35 p.m., 4 views

CVE-2025-53537 LibHTP's memory leak with lzma can lead to resource starvation

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To work around this issue, set suricata.yaml...

CVSS 7.5, AI score 6.2, EPSS 0.00402
Exploits: 0, References: 2
Cvelist
added 2025/07/23 8:35 p.m., 7 views

CVE-2025-53537 LibHTP's memory leak with lzma can lead to resource starvation

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To work around this issue, set suricata.yaml...

CVSS 7.5, EPSS 0.00402
Exploits: 0, References: 2
Cvelist
added 2025/07/22 9:36 p.m., 6 views

CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5, EPSS 0.00414
Exploits: 0, References: 3
Vulnrichment
added 2025/07/22 9:36 p.m., 4 views

CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5, AI score 6.2, EPSS 0.00414
Exploits: 0, References: 3
CVE
added 2025/07/22 9:36 p.m., 47 views

CVE-2025-53538

CVE-2025-53538 affects Suricata (IDS/IPS/NSM engine by OISF) in versions 7.0.10 and earlier and 8.0.0-beta1 through 8.0.0-rc1. The root cause is mishandling of data on HTTP/2 stream 0, causing uncontrolled memory usage and loss of visibility. The issue scores as CVSS v3.1/7.5 (HIGH) with NETWORK ...

CVSS 7.5, AI score 7, EPSS 0.00414
Exploits: 0, References: 3, Affected Software: 1
RedhatCVE
added 2025/05/22 9:15 p.m., 6 views

CVE-2021-1121

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service...

CVSS 5.5, AI score 6.5, EPSS 0.00212
Exploits: 0, References: 1
RedhatCVE
added 2025/05/22 8:46 a.m., 10 views

CVE-2019-6671

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation...

CVSS 7.5, AI score 6.8, EPSS 0.01044
Exploits: 0, References: 1