CVE-2022-4986

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service...

CVE-2026-22321

CVE-2026-22321 describes a stack-based buffer overflow in the device’s Telnet/SSH CLI login routine triggered by oversized/unexpected username input from an unauthenticated attacker. This crashes only the thread handling the login attempt while other CLI sessions remain unaffected, resulting in a...

CVE-2026-28412

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server...

CVE-2026-28412

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server...

EUVD-2026-9201

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server...

EUVD-2017-3267

Malware in sbrugna...

EUVD-2007-5560

Malware in sbrugna...

Linux Virtual Delivery Agent - ICA session crashes when resizing

When resizing the ICA Session Window, users might see that the session crashes...

Fedora 40 : proftpd (2025-d37ad923f5)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d37ad923f5 advisory. This update addresses a null pointer dereferencing issue that could cause the session for a client that sent specially-crafted commands to the server to cras...

Fedora 41 : proftpd (2025-835949b994)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-835949b994 advisory. This update addresses a null pointer dereferencing issue that could cause the session for a client that sent specially-crafted commands to the server to cras...

Citrix Virtual Apps and Desktop - VDA Session Issues

Introduction This article is a summary of top support articles associated with VDA Sessions Disconnects, Registration, Stuck Session as well as Hangs/Crash that occur in the VDA. For Launch issues please see our dedicated Launch issue article Citrix Virtual Apps and Desktops: Session Launch Issue...

kernel: smb: client: fix UAF in smb2_reconnect_server()

A flaw was found in the smb client in the Linux kernel. A potential use-after-free error was seen in the smb2reconnectserver function. This issue can lead to the crash of a client user session...

kernel: smb: client: fix UAF in smb2_reconnect_server()

A flaw was found in the smb client in the Linux kernel. A potential use-after-free error was seen in the smb2reconnectserver function. This issue can lead to the crash of a client user session...

CVE-2022-38152

An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSLclear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct...

ALPINE-CVE-2020-28327

A respjsipsession crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This...

CVE-2020-28327

A respjsipsession crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This...

bash: popd controlled free

A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session...

MGASA-2015-0355 Updated pure-ftpd packages fix security vulnerability

Updated pure-ftpd packages fix security vulnerability: It was reported that the process handling a user session could be crashed by trying to match a file pattern longer than the maximum length for a path...

krb5: denial of service flaws when handling RFC 1964 tokens

A buffer over-read flaw was found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use this flaw to crash the application...

Command injection

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service CLI session crash via a crafted command string...