Lucene search
K

70 matches found

SUSE Linux
SUSE Linux
added 2025/07/25 10:20 p.m.3 views

Security update for qemu

This update for qemu fixes the following issues: CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.2CVSS7.8AI score0.01027EPSS
Exploits0References4
OSV
OSV
added 2025/07/25 10:20 p.m.5 views

SUSE-SU-2025:02530-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007...

7.5CVSS7.1AI score0.01027EPSS
Exploits0References3
NVD
NVD
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38459

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clippush. syzbot reported the splat below. 0 This happens if we call ioctlATMARPMKIP more than once. During the first call, clipmkip sets clippush to vcc-push, and the second call copies ...

7.8CVSS0.0017EPSS
Exploits0References10
F5 Networks
F5 Networks
added 2025/06/10 8:46 p.m.20 views

K000151779: Node.js vulnerabilities CVE-2025-23083 and CVE-2025-23085

Security Advisory Description CVE-2025-23083 With the aid of the diagnosticschannel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be...

7.7CVSS6.5AI score0.01327EPSS
Exploits0
OSV
OSV
added 2025/02/11 7:16 a.m.11 views

BIT-NODE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS6AI score0.01327EPSS
Exploits0References4
OSV
OSV
added 2025/02/11 7:15 a.m.13 views

BIT-NODE-MIN-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS6AI score0.01327EPSS
Exploits0References4
OSV
OSV
added 2025/02/07 7:15 a.m.8 views

CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

6.5AI score0.01327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/07 7:9 a.m.7 views

CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS6.6AI score0.01327EPSS
Exploits0References1
CVE
CVE
added 2025/02/07 7:9 a.m.351 views

CVE-2025-23085

CVE-2025-23085 describes a memory leak in Node.js HTTP/2 server handling that can occur when a remote peer closes the socket without GOAWAY, or when nghttp2 terminates a connection due to an invalid header. The resulting leak can increase memory usage and, under certain conditions, enable denial ...

5.3CVSS6.8AI score0.01327EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/02/07 7:9 a.m.14 views

CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS5.7AI score0.01327EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.2 views

PT-2025-4815

Name of the Vulnerable Software and Affected Versions Node.js versions 18.x through 23.x Description A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to...

5.3CVSS6.7AI score0.01327EPSS
Exploits0References151
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.8 views

PT-2025-36264

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free UAF vulnerability exists in the net/smc module of the Linux kernel. The issue occurs because newclcsock-sk can become NULL after smc listen out connected releases the...

7.8CVSS7.1AI score0.00161EPSS
Exploits0
Cvelist
Cvelist
added 2024/12/27 3:6 p.m.27 views

CVE-2024-56664 bpf, sockmap: Fix race between element replace and close()

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...

0.00173EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2024/12/12 1:22 p.m.0 views

Security update for qemu

This update for qemu fixes the following issues: CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007 CVE-2024-8354: Fixed assertion failure in usbepget in usb bsc1230834 CVE-2024-8612: Fixed information leak in virtio devices...

8.2CVSS6.5AI score0.01027EPSS
Exploits0References12
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.4 views

Astra Linux – Vulnerability in Python 3.11

A vulnerability was discovered in Python before version 3.8.18, 3.9.x before version 3.9.18, 3.10.x before version 3.10.13, and 3.11.x before version 3.11.5. This vulnerability primarily affects servers such as HTTP servers that use TLS client authentication. When a TLS server-side socket is...

5.3CVSS6.8AI score0.0079EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/19 2:36 a.m.10 views

QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7AI score0.01027EPSS
Exploits0References4
Hacker One
Hacker One
added 2024/11/14 5:19 p.m.80 views

Node.js: GOAWAY HTTP/2 frames cause memory leak outside heap

A memory leak could occur when a remote peer abruptly closed the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could have led to increased memory...

5.3CVSS6.5AI score0.01327EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/11/12 9:14 a.m.9 views

QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7AI score0.01027EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/10/01 2:51 a.m.3 views

QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7AI score0.01027EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/09/24 3:34 a.m.18 views

QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...

7.5CVSS7AI score0.01027EPSS
Exploits0References4
Rows per page
Query Builder