BIT-NGINX-2026-28753 NGINX ngx_mail_proxy_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation...

AZL-72871 CVE-2025-68331 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cause is an access to ...

CVE-2023-53548

In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504...

CVE-2024-13724

The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to increase their...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a Fortinet security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from cyberattacks by combining a variety of detection technologies such as Web filtering, DNS filtering, DLP, anti-virus,...

K17742627: cURL and libcurl vulnerability CVE-2016-8625

Security Advisory Description curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. CVE-2016-8625 Impact Incorrect translation of International Doma...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2019-2136)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : curl (EulerOS-SA-2019-2136)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.CVE-2019-5482 - curl before version 7.51.0 uses outdated IDNA 2003...

Denial of service

An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled...

CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host...

CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host...

CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host...

CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host...

CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host...

Updated bind packages fix security vulnerability

It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-9131. It was discovered that Bind incorrectly handled certain malformed responses to an AN...

CVE-2016-8625

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host...

Windows BITS 'Notification' Feature Used to Deliver Malware

Attackers have found a new way to exploit the Widows Background Intelligent Transfer Service BITS which is being used to infect and reinfect targeted PCs with malware even after the initial infection has been removed. According to security researchers at Dell SecureWorks, attackers are exploiting...

SuSE 11.1 Security Update : finch, libpurple and pidgin (SAT Patch Number 6294)

Various remote triggerable crashes in pidgin have been fixed : - In some situations the MSN server sends text that isn't UTF-8 encoded, and Pidgin fails to verify the text's encoding. In some cases this can lead to a crash when attempting to display the text . CVE-2012-1178 - Incoming messages wi...

SuSE 10 Security Update : finch, libpurple, and pidgin (ZYPP Patch Number 8131)

Various remote triggerable crashes in pidgin have been fixed : - In some situations the MSN server sends text that isn't UTF-8 encoded, and Pidgin fails to verify the text's encoding. In some cases this can lead to a crash when attempting to display the text . CVE-2012-1178 - Incoming messages wi...

CVE-2005-1929

Multiple heap-based buffer overflows in 1 isaNVWRequest.dll and 2 relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunk...