Astra Linux - уязвимость в libssh

In libssh 0.9.4, there is a NULL pointer dereferencing in tftpserver.c if sshbuffernew returns NULL...

Security update for erlang26

This update for erlang26 fixes the following issues Security issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681...

[SECURITY] [DLA 4590-1] erlang security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4590-1 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro May 18, 2026 https://wiki.debian.org/LTS -...

Security Bulletin: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp

Summary Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

SUSE SLES15 Security Update : erlang (SUSE-SU-2026:1714-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1714-1 advisory. - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling...

CLSA-2026-1778223262 curl: Fix of 3 CVEs

CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...

curl: Fix of 3 CVEs

CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

Security update for erlang

This update for erlang fixes the following issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. CVE-2026-23943: denia...

SUSE-SU-2026:1714-1 Security update for erlang

This update for erlang fixes the following issues: - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. - CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. - CVE-2026-2394...

curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

CLSA-2026-1777877363 curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

CLSA-2026-1777878036 curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

Astra Linux - уязвимость в libslirp

An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the tftpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘tftpt’ structure. This issue may lead to out-of-bounds read access or...

openSUSE 16 Security Update : erlang (openSUSE-SU-2026:20607-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20607-1 advisory. Security issues fixed: - CVE-2026-21620: improper isolation and compartmentalization can lead to TFTP relative path traversal and remote arbitra...

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...

SUSE-SU-2026:1141-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...

SUSE-SU-2026:1140-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...