CVE-2026-0966 Libssh: libssh: denial of service via zero-length input in ssh_get_hexa()

A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...

CVE-2026-0966

CVE-2026-0966 affects the libssh library with a buffer underflow in ssh_get_hexa() on invalid input. The issue occurs because ssh_get_hexa() is used by ssh_get_fingerprint_hash() and the deprecated ssh_print_hexa(), and also in gssapi logging. Remote triggering is possible when GSSAPI authenticat...

openssh security update

8.7p1-29 - Resolve possible self-DoS with some clients Resolves: rhbz2186473...

Acronis: Self-DoS due to template injection via email field in password reset form on access.acronis.com

Summary HI acronis security team , how are you I hope everyone is OK in the other side of the screen . I found Template Injection in https://access.acronis.com/resetpassword/new via the mail input . Steps To Reproduce: 1. Open https://access.acronis.com/resetpassword/new and Enter the mail Payloa...

Ed: Fix for self-DoS in Security-txt Chrome Extension.

@sp1d3rs found a self-DoS vulnerability in the Security-txt Chrome Extension. He was also kind enough to provide a fix wich you can find on GitHub. We merged @sp1d3rs' fix when he submitted a PR. We later decided that it was better to stop using XHR and use Fetch instead, a newer API. This was th...

Ed: Chrome Extension is vulnerable to the self-DOS issues in case it process the security.txt with a big size

Description Hello. Before all, thanks for the invite: Here is keyword: frog I discovered the self-DOS issue, which affects Chrome extension. Impact I marked the impact as low, because it will affect only the browser tab, and will not impact other browser tabs. The issue happens due to processing...

CVE-2006-3416

Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS...

CVE-2006-3416

Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS...