12 matches found
SUSE-SU-2026:21827-1 Security update for mcphost
This update for mcphost fixes the following issues: - CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data (Data Amplification) in github.com/getkin/kin-openapi/openapi3filter (bsc#1264762). - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client...
libssh2: Fix of 2 CVEs
CVE-2019-13115: add bounds-checked string_buf helpers and use them in diffie_hellman_sha1 to prevent out-of-bounds read on malformed KEX reply - CVE-2019-17498: harden bounds checks in SSH_MSG_DISCONNECT, SSH_MSG_DEBUG and SSH_MSG_GLOBAL_REQUEST handlers to prevent integer overflow / out-of-bounds read...
CLSA-2026-1776855642 Fix CVE(s): CVE-2019-17498, CVE-2019-3857
SECURITY UPDATE: Integer overflow leading to out-of-bounds write when SSH_MSG_CHANNEL_REQUEST packets with exit signal messages are parsed. - debian/patches/CVE-2019-3857.patch: check namelen + 1 does not overflow before allocation in exit-signal handling. - CVE-2019-3857 SECURITY UPDATE: Integer...
Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2025-092 (ALASDOCKER-2025-092)
The version of runfinch-finch installed on the remote host is prior to 1.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-092 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause...
EUVD-2011-1151
Malware in sbrugna...
EUVD-2018-7472
Malware in sbrugna...
ALPINE-CVE-2019-3862
An out-of-bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory...
CVE-2011-1137
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message...
CVE-2011-1137
CVE-2011-1137 is an integer overflow in ProFTPD’s mod_sftp that affects 1.3.3d and earlier, triggered by a malformed SSH message and causing memory exhaustion/DoS. The issue is in the mod_sftp code path, with remote attackers able to induce high memory use potentially leading to OOM. Public detai...