119 matches found
JLSEC-2026-621 Thread-safety and out-of-bounds reads in the HTTP.jl content-type sniffer
Description The content-type sniffer had two memory/concurrency bugs. Number sniffing in isjson stored the strtod end-pointer out-parameter in a shared module-global VectorPtrUInt8; concurrent sniff calls on a multithreaded server raced on that single cell between the ccall and the subsequent rea...
Astra Linux – Vulnerability in libsoup2.4
A flaw was discovered in libsoup. A vulnerability exists in the functions snifffeedorhtml and skipinsignificantspace, which may lead to an over-reading of the heap buffer...
CVE-2026-33569
Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on‑path attackers to sniff credentials and session data, which can be used to compromise the device...
CLSA-2026-1778944149 libsoup: Fix of CVE-2026-2369
CVE-2026-2369: fix integer underflow in sniffunknown on zero-length buffer that caused an out-of-bounds read in the content sniffer...
CLSA-2026-1778772686 libsoup: Fix of CVE-2026-2369
CVE-2026-2369: fix integer underflow in sniffunknown on zero-length buffer that caused an out-of-bounds read in the content sniffer...
CLSA-2026-1778662869 libsoup: Fix of CVE-2026-2369
CVE-2026-2369: fix integer underflow in sniffunknown on zero-length buffer that caused an out-of-bounds read in the content sniffer...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the sniff process. An attacker can cause the server to exhaust its memory resources by sending a specially crafted QUIC packet with a large crypto length after authenticating with ...
GHSA-9FW6-XGG2-MQ9Q Hysteria: A specially constructed quic package can crash the server OOM when the sniff is enabled
Summary A specially constructed quic package can crash the server OOM when the sniff is enabled. Details When the server has sniff enabled, a valid connection can request the server to forward UDP traffic and construct a huge crypto length. The server will allocate memory according to this length...
Hysteria: A specially constructed quic package can crash the server OOM when the sniff is enabled
Summary A specially constructed quic package can crash the server OOM when the sniff is enabled. Details When the server has sniff enabled, a valid connection can request the server to forward UDP traffic and construct a huge crypto length. The server will allocate memory according to this length...
CLSA-2026-1777659767 libsoup: Fix of CVE-2026-2369
CVE-2026-2369: fix integer underflow in sniffunknown on zero-length buffer that caused an out-of-bounds read in the content sniffer...
EUVD-2026-23484
Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on‑path attackers to sniff credentials and session data, which can be used to compromise the device...
Anviz CX2 Lite 安全漏洞
The Anviz CX2 Lite is a smart terminal device from the American company Anviz, featuring integrated facial recognition and access control functions. The Anviz CX2 Lite has a security vulnerability; this vulnerability stems from the fact that management sessions are conducted via HTTP. This may...
GO-2026-4793 Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config in github.com/traefik/traefik
Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config in github.com/traefik/traefik...
EUVD-2026-14170
The Punnel – Landing Page Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.1. The saveconfig function, which handles the 'punnelsaveconfig' AJAX action, lacks any capability check currentusercan and nonce verification. This makes it...
PT-2026-26864
The Punnel – Landing Page Builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.3.1. The save config function, which handles the 'punnel save config' AJAX action, lacks any capability check current user can and nonce verification. This makes i...
Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config
Summary There is a potential vulnerability in Traefik's TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across multiple records, Traefik's SNI extraction may fail with an EOF and return an empty SNI. The TCP router then falls back to the...
Azure Linux 3.0 Security Update: kernel (CVE-2024-24859)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24859 advisory. - A race condition was found in the Linux kernel's net/bluetooth in sniffmin,maxintervalset function. This can...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004259)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004259 advisory. The mincore implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on th...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004379)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004379 advisory. A race condition was found in the Linux kernel's net/bluetooth in sniffmin,maxintervalset function. This can result in a bluetooth sniffing exception issue, possibly...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003350)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003350 advisory. The netlinkdelivertapskb function in net/netlink/afnetlink.c in the Linux kernel through 4.14.4, when CONFIGNLMON is enabled, does not restrict observations of Netli...