Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a sequential error in the size limitation of the vsock buffer. Instead of limiting the minimum...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011365 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...

EUVD-2008-4349

Malware in sbrugna...

EUVD-2023-0279

Malicious code in bioql PyPI...

SUSE-SU-2025:02100-1 Security update for gimp

This update for gimp fixes the following issues: - CVE-2025-5473: Fix exceed the maximum allowed size bsc1244058...

CVE-2022-49963 drm/i915/ttm: fix CCS handling

In the Linux kernel, the following vulnerability has been resolved: drm/i915/ttm: fix CCS handling Crucible + recent Mesa seems to sometimes hit: GEMBUGONnumccsblks NUMCCSBLKSPERXFER And it looks like we can also trigger this with gemlmemswapping, if we modify the test to use slightly larger obje...

CVE-2019-13612

MDaemon Email Server 19 through 20.0.1 skips SpamAssassin checks by default for e-mail messages larger than 2 MB and limits checks to 10 MB even with special configuration, which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious...

CVE-2025-29786

CVE-2025-29786 concerns the Expr expression parser (Go). Prior to 1.17.0, unbounded input can cause the parser to build an excessively large AST, leading to high memory usage or an OOM crash. The issue is mitigated by a patch in 1.17.0 that enforces node budget and memory limits during parsing. R...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 23.10 : LibTIFF vulnerabilities (USN-6644-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6644-1 advisory. It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a...

Denial Of Service (DoS)

lestrrat-go/jwx is vulnerable to Denial Of Service DoS. The vulnerability is due to a lack of size limitation for the p2c parameter used in PBKDF2 based encryptions, which allows an attacker to cause DoS if the p2c is set too high...

CVE-2023-46120 RabbitMQ Java client's lack of message size limitation leads to remote DoS attack

The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. maxBodyLebgth was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may...

CVE-2023-46120 RabbitMQ Java client's lack of message size limitation leads to remote DoS attack

The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. maxBodyLebgth was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may...

CVE-2022-2406

Mattermost CVE-2022-2406 concerns the legacy Slack import feature (v6.7.0 and earlier). The root cause is failure to properly limit imported file sizes, allowing an authenticated attacker to crash the server by uploading large files via the Slack import REST API. Impact is a DoS affecting availab...

Denial Of Service (DoS)

liblcms2.so is vulnerable to denial of service. The vulnerability exists in the AllocateDataSet function of cmscgats.c because of not limiting the size of the Data from integer multiplication, leading to an attack if a malicious IT8 calibration file is passed to the second argument to...

Cross site scripting

The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the windowId handling. The default size of the windowId get's cut off after 10 characters by default, so the impact might be limited. A fix got applied and released in Apache deltaspike-1.8.1...

Denial Of Service (DoS)

github.com/ugorji/go is vulnerable to denial of service DoS attacks. The vulnerability exists because it doe not limit the size of length of input when it decodes a very large or corrupted string or bytes value...

StoreFront Upgrade Fails with Large Subscription Database

Note: This issue is not found in Storefront 3.11 and later versions. StoreFront upgrade fails with large subscription database. C:\Windows\Temp\StoreFront\CitrixMSI-CitrixStoreFront log points to following error: An error occurredcreating the snapshot: 'System.IO.IOException: The file is too long...

Secure Mail unable to send large files.

Having problems using Secure Mail client in sending large files greater than 7 to 10MB Verifyed the WM Logs and could see the following error , where by the mail is send to the Outbox ERROR 2Response contained WBXML content with contentLength=15 for activeSyncCommand=SendMail INFO 4SendMail -...

Veeam Explorer for SharePoint - Item Restore Fails Due to SQL Express Database Size Limitation

Challenge When performing a SharePoint item restore using Veeam Explore for Microsoft Sharepoint, the following error occurs: CREATE DATABASE or ALTER DATABASE failed because the resulting cumulative database size would exceed your licensed limit of 10240 MB per database or CREATE DATABASE or ALT...

Failed to write data to the file *.vbk - file too large

Challenge The job fails with the "File too large" error. ERR |Command 'FibWrite0x000x7effec02c0d0' has failed. Failed to process method Transform.Patch: File too large Cause The file system or operating system of the Linux repository does not support the size of the backup file. The maximum file...