Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021667 advisory. MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. Tenable has extracted the...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the ParseIP6Extended function. An attacker can cause the application to crash or become unresponsive by supplying a specially crafted BGP UPDATE message. Remediation There is no fixed version for...

CVE-2025-52949 Junos OS and Junos OS Evolved: In an EVPN environment, receipt of specifically malformed BGP update causes RPD crash

An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of...

SUSE CVE-2022-48940

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to incorrect copymapvalue When both bpfspinlock and bpftimer are present in a BPF map value, copymapvalue needs to skirt both objects when copying a value into and out of the map. However, the current code does...

frr security update

7.5.1-22.0.1 - Fix POSTIN scriptlet Orabug: 34712485 - Resolves: RHEL-15916 - Flowspec overflow in bgpd/bgpflowspec.c - Resolves: RHEL-15919 - Out of bounds read in bgpd/bgplabel.c - Resolves: RHEL-15869 - crash from specially crafted MPUNREACHNLRI-containing BGP UPDATE message - Resolves:...

frr: crafted BGP UPDATE message leading to a crash

A flaw was found in FRRouting. A crash can occur for a crafted BGP UPDATE message without mandatory attributes for example, one with only an unknown transit attribute...

SUSE CVE-2024-0752

A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox 122...

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).

...

SUSE CVE-2023-47234

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

AZL-34690 CVE-2023-47234 affecting package frr for versions less than 9.1-2

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

UBUNTU-CVE-2023-47234

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes...

AZL-31728 CVE-2023-46753 affecting package frr for versions less than 8.5.3-3

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute...

SUSE CVE-2021-46662

MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery...

CVE-2022-22220 Junos OS and Junos OS Evolved: Due to a race condition the rpd process can crash upon receipt of a BGP update message containing flow spec route

A Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Routing Protocol Daemon rpd of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service DoS. When a BGP flow route with redirect IP extended community is received, an...

MGASA-2022-0150 Updated libinput packages fix security vulnerability

libinput could be made to crash or expose sensitive information. CVE-2022-1215...

PT-2021-4687 · Canonical +1 · Apport +2

Name of the Vulnerable Software and Affected Versions: apport versions prior to 2.14.1-0ubuntu3.29+esm8 apport versions prior to 2.20.1-0ubuntu2.30+esm2 apport versions prior to 2.20.9-0ubuntu7.26 apport versions prior to 2.20.11-0ubuntu27.20 apport versions prior to 2.20.11-0ubuntu65.3...

poppler security update

0.66.0-27 - Fix crash on broken file in tilingPatternFill - Resolves: 1801341...

USN-4407-1 libvncserver vulnerabilities

It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. CVE-2019-15680 It was discovered that an information disclosure vulnerability existed in LibVNCServer when sendin...