20 matches found

EUVD
added 9 hours ago, 6 views

EUVD-2026-38717

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly. That accounting currently allows the accumulated...

AI score 5.7
Exploits 0, References 8

AstraLinux
added 2026/05/20 5:53 a.m., 6 views

Astra Linux - vulnerability in openssl1.0

Calls to the EVP_CipherUpdate, EVP_EncryptUpdate, and EVP_DecryptUpdate functions may cause the output length argument to overflow in some cases where the input length is close to the maximum permissible length for integers on the platform. In such cases, the return value from the function call will...

CVSS 7.5, AI score 6.7, EPSS 0.50732
Exploits 0, References 2

OSV
added 2026/04/27 6:33 p.m., 5 views

JLSEC-2026-221 Integer Overflow in openssl-src

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

CVSS 7.5, AI score 6.3, EPSS 0.50732
Exploits 0, References 27

UbuntuCve
added 2026/03/13 7:54 p.m., 2 views

CVE-2026-31814

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. From 0.13.0 to before 0.13.9, a specially crafted WindowUpdate can cause arithmetic overflow in send-window accounting, which triggers a panic in the connection state machine. This is remotely reachable over a normal...

CVSS 8.7, AI score 5.9, EPSS 0.00462
Exploits 1, References 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-2640

Malware in sbrugna...

CVSS 7.8, AI score 7.9, EPSS 0.00138
Exploits 0, References 2

Github Security Blog
added 2025/08/13 7:6 p.m., 18 views

Netty affected by MadeYouReset HTTP/2 DDoS vulnerability

Below is a technical explanation of a newly discovered vulnerability in HTTP/2, which we refer to as “MadeYouReset.” MadeYouReset Vulnerability Summary The MadeYouReset DDoS vulnerability is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to brea...

CVSS 8.2, AI score 7.2, EPSS 0.00979
Exploits 1, References 7, Affected Software 2

OSV
added 2023/12/14 8:15 p.m., 2 views

UBUNTU-CVE-2023-37457

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as certified-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space...

CVSS 8.2, AI score 6, EPSS 0.01116
Exploits 0, References 2

SUSE CVE
added 2023/02/15 5:6 a.m., 3 views

SUSE CVE-2016-2106

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data...

CVSS 7.5, AI score 8.6, EPSS 0.27261
Exploits 1, References 26

OSV
added 2022/11/15 12:0 a.m., 22 views

ALSA-2022:8112 Moderate: frr security, bug fix, and enhancement update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. The following packages have been upgraded to a later upstream version: frr 8.2.2. BZ2069563 Security Fixes: frrouting: overflow bugs in...

CVSS 7.8, AI score 8, EPSS 0.01007
Exploits 1, References 4

RedHat Linux
added 2021/11/30 2:28 p.m., 4 views

openssl: integer overflow in CipherUpdate

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

CVSS 7.5, AI score 6.9, EPSS 0.50732
Exploits 0, References 5

BDU FSTEC
added 2021/07/20 12:0 a.m., 5 views

The vulnerability of the EVP_CipherUpdate, EVP_EncryptUpdate, and EVP_DecryptUpdate functions in the OpenSSL library for TLS and SSL protocols, related to integer overflow, allows attackers to cause service interruptions.

The vulnerability of the EVP_CipherUpdate, EVP_EncryptUpdate, and EVP_DecryptUpdate functions in the OpenSSL library for TLS and SSL protocols is related to a numerical overflow condition. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVSS 7.5, AI score 6.6, EPSS 0.50732
Exploits 0, References 20, Affected Software 8

OSV
added 2021/02/16 5:15 p.m., 7 views

ALPINE-CVE-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

CVSS 7.5, AI score 7.1, EPSS 0.50732
Exploits 0, References 1

OSV
added 2021/02/16 5:15 p.m., 1 views

DEBIAN-CVE-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

CVSS 7.5, AI score 6.3, EPSS 0.50732
Exploits 0, References 1

OSV
added 2020/01/15 1:13 p.m., 5 views

OPENSUSE-SU-2020:0062-1 Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (bsc#1158809). Various FIPS related improvements were done: - FIPS: Backport SSH KDF to openssl...

CVSS 5.3, AI score 5.9, EPSS 0.14298
Exploits 0, References 6

CNVD
added 2018/03/07 12:0 a.m., 2 views

Exempi 'MD5Update()' function heap buffer overflow vulnerability

Exempi is an open source implementation of XMP based on the Adobe XMP SDK. A heap buffer overflow vulnerability exists in the 'MD5Update' function of the third-party/zuid/interfaces/MD5.cpp file in Exempi 2.4.4 and earlier, which stems from the XMPFiles/source/FileHandlers/TIFFHandler. The cpp fi...

CVSS 5.5, AI score 7, EPSS 0.01367
Exploits 1, References 1

RedHat Linux
added 2016/12/15 10:11 p.m., 3 views

openssl: EVP_EncryptUpdate overflow

An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of t...

CVSS 7.5, AI score 7.8, EPSS 0.27261
Exploits 1, References 5

RedHat Linux
added 2016/10/18 7:8 a.m., 5 views

openssl: EVP_EncryptUpdate overflow

An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of t...

CVSS 7.5, AI score 7.8, EPSS 0.27261
Exploits 1, References 5

RedHat Linux
added 2016/10/12 4:57 p.m., 4 views

openssl: EVP_EncryptUpdate overflow

An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of t...

CVSS 7.5, AI score 7.8, EPSS 0.27261
Exploits 1, References 5

RedHat Linux
added 2016/08/22 6:7 p.m., 5 views

openssl: EVP_EncryptUpdate overflow

An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of t...

CVSS 7.5, AI score 7.8, EPSS 0.27261
Exploits 1, References 5

OpenVAS
added 2009/03/23 12:0 a.m., 45 views

Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-626-1

Ubuntu Update for Linux kernel vulnerabilities USN-626-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6261.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-626-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks Gmb...

CVSS 9.3, AI score 0.9, EPSS 0.05284
Exploits 4, References 2