USN-8233-2: nghttp2 vulnerability

USN-8233-1 fixed a vulnerability in nghttp2. This update provides the corresponding update for Ubuntu 26.04 LTS. Original advisory details: Andrew MacPherson discovered that nghttp2 did not properly validate internal state when the session termination API was called. A remote attacker could...

ISC BIND 9.18.40 < 9.18.44 / 9.18.40-S1 < 9.18.44-S1 / 9.20.13 < 9.20.18 / 9.20.13-S1 < 9.20.18-S1 / 9.21.12 < 9.21.17 Vulnerability (cve-2025-13878)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-13878 advisory. - Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through...

CVE-2025-61990

CVE-2025-61990 affects F5 BIG-IP Traffic Management Microkernel (TMM) on multi-bladed platforms. An undisclosed traffic pattern can cause TMM to terminate, producing a DoS as the TMM restarts. Affected products include BIG-IP (various modules) and BIG-IP Next branches (SPK/CNF/Kubernetes) with vu...

CVE-2025-55670

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

EUVD-2004-2348

Malware in sbrugna...

EUVD-2023-31684

Malicious code in bioql PyPI...

CVE-2025-53642

The CVE concerns haxcms-nodejs and haxcms-php backends for HAXcms. The logout flow does not terminate the user session or clear cookies, and a refresh token is issued on logout, enabling potential continued access. Affected versions are haxcms-nodejs and haxcms-php prior to 11.0.6. The issue is m...

CVE-2025-53642 haxcms-nodejs and haxcms-php Improperly Terminate Sessions

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6...

CVE-2019-17375

cPanel before 82.0.15 allows API token credentials to persist after an account has been renamed or terminated SEC-517...

CVE-2025-24120

CVE-2025-24120 affects macOS where an issue was caused by improper lifecycle management of an object. The NVD entry states the vulnerability could allow an attacker to trigger unexpected application termination. Affected platforms and patched versions are macOS Ventura 13.7.3, macOS Sequoia 15.3,...

CVE-2023-22281 BIG-IP AFM vulnerability

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel...

Out-of-bounds

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116351796...

JP1/NETM/DM SubManager and JP1/NETM/DM Client Process Termination Vulnerability

Overview JP1/NETM/DM SubManager and JP1/NETM/DM Client, enabled with the JP1 event notification setting, have a process termination vulnerability where process may terminate when error occurs while receiving job execution requests. Impact A computer may not be able to receive job execution reques...

openSUSE 10 Security Update : lighttpd (lighttpd-5216)

An error in one SSL connection could lead to termination of all SSL connections CVE-2008-1531 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-5216. The text description of this plugin...

MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) (uncredentialed check)

The remote web server is running a version of the ASP.NET framework that contains multiple vulnerabilities : - A PE Loader vulnerability could allow an attacker to execute arbitrary code with the privilege of the logged-on user. - A ASP.NET NULL byte termination vulnerability could allow an...

Design/Logic Flaw

Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring o...

CVE-2007-0042

Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring o...

CVE-2007-0042

Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring o...