CVE-2026-23335 RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

EUVD-2018-0523

Malware in sbrugna...

CVE-2019-14077

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

CVE-2024-43196

IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses...

CVE-2022-36105

Summary of CVE-2022-36105 (TYPO3 user enumeration via response timing) TYPO3 CMS is vulnerable to a timing-based information disclosure during user authentication (backend and frontend). An observer can distinguish existing vs. non-existing user accounts by measuring response times. The issue aff...

CVE-2021-41530

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured...

Design/Logic Flaw

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured...

Forcepoint NGFW Engine 安全漏洞

Forcepoint NGFW Engine is a next-generation firewall solution from Forcepoint Corporation. A security vulnerability exists in Forcepoint NGFW Engine that originates from a TCP reflection amplification vulnerability in the affected software if the user configures HTTP User Response...

Apache Tomcat Race Condition vulnerability

If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present in the NIO and NIO2 connectors that did not...

CVE-2018-8037

If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present in the NIO and NIO2 connectors that did not...

GNU Ffingerd 1.19 - Username Validity Disclosure

GNU Ffingerd 1.19 - Username Validity Disclosure source: https://www.securityfocus.com/bid/1841/info A vulnerability in Ffingerd version 1.19, the popular remote user-information server, which allows a remote user to determine whether or not a given username exists on the system. Normally, if a...