Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: usb: host: xhci: Fixed a potential memory leak in xhciallocstreaminfo The xhciallocstreaminfo function allocates a stream context array for streaminfo-streamctxarray using xhciallocstreamctx. When an error occurs, the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021622)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021622 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006949)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006949 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010887)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010887 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates...

php: Configuring a proxy in a stream context might allow for CRLF injection in URIs

A flaw was found in PHP. In affected versions of PHP, when using streams with configured proxy and "requestfulluri" option, the URI is not properly sanitized, which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the...

Linux Distros Unpatched Vulnerability : CVE-2022-50544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with...

CVE-2022-50544 usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

CVE-2022-50544 usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

CVE-2022-50544

In CVE-2022-50544, the Linux kernel USB host xHCI code (xhci_alloc_stream_info) allocates a stream_ctx_array via xhci_alloc_stream_ctx and fails to free stream_info->stream_ctx_array on certain error paths, causing a memory leak. The documented fix releases stream_info->stream_ctx_array wit...

EUVD-2010-2110

Malware in sbrugna...

PT-2025-41049

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the xhci alloc stream info function within the USB host controller interface of the Linux kernel. The function allocates memory for a stream context array but fai...

php: Configuring a proxy in a stream context might allow for CRLF injection in URIs

A flaw was found in PHP. In affected versions of PHP, when using streams with configured proxy and "requestfulluri" option, the URI is not properly sanitized, which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the...

Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

Configuring a proxy in a stream context might allow for CRLF injection in URIs

...

CVE-2024-11234

The CVE-2024-11234 entry concerns HTTP request smuggling via PHP streams when a proxy is configured and the request_fulluri option is used. Affected PHP versions are 8.1.* before 8.1.31, 8.2.* before 8.2.26, and 8.3.* before 8.3.14. The vulnerability arises from improper URI sanitization in strea...

CVE-2024-11234 Configuring a proxy in a stream context might allow for CRLF injection in URIs

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, when using streams with configured proxy and "requestfulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests...

kernel: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

SUSE CVE-2010-2093

Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service crash via a stream context structure that is freed before destruction occurs...

Google AdWords API PHP Client Library 6.2.0 XXE Injection Vulnerability

Google AdWords API PHP client library versions 6.2.0 and below suffer from an XML eXternal Entity injection vulnerability. ============================================= - Release date: 06.11.2015 - Discovered by: Dawid Golunski - Severity: Medium/High =============================================...

Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability

No description provided by source. ?php // Title: Wordpress Plugin Spicy Blogroll File Inclusion Vulnerability // Date: 12-07-2013 GMT+8 Kuala Lumpur // Author: Ahlspiess // Greetz: All TBDIAN - http://w3.tbd.my : // Screenshot: http://i.imgur.com/jIrUznC.png / Details: File:...