CVE-2026-43974

Unexpected Status Code or Return Value vulnerability in ninenines gun gunhttp module allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gunhttp:handleinform/8, when a 101 Switching Protocols response is received over...

CVE-2026-47067 Atom table exhaustion via unrecognized URL schemes in hackney

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

CVE-2026-47067 Atom table exhaustion via unrecognized URL schemes in hackney

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

CVE-2026-47067

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fixed an overflow issue within virtnetrqalloc. When a fragment receives a single page, it may lead to regressions in the virtual machine. This issue is particularly significant if the sysctl...

Decimal 资源管理错误漏洞

Decimal is a arbitrary-precision decimal arithmetic library developed by Eric Meadows-Jönsson. In versions 0.1.0 to 3.0.0 of Decimal, there was a resource management vulnerability. This vulnerability stemmed from the lack of restrictions on the parsed exponents, which could lead to unauthorized...

UBUNTU-CVE-2023-54092

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

CVE-2023-54092

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

CVE-2023-54092 KVM: s390: pv: fix index value of replaced ASCE

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

EUVD-2018-18709

Malware in sbrugna...

EUVD-2018-18716

Malware in sbrugna...

EUVD-2018-18710

Malware in sbrugna...

EUVD-2017-14016

Malware in sbrugna...

EUVD-2017-14055

Malware in sbrugna...

EUVD-2020-18275

Malware in sbrugna...

CVE-2024-57843

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnetrqalloc When the frag just got a page, then may lead to regression on VM. Specially if the sysctl net.core.highorderallocdisable value is 1, then the frag always get a page when do refill...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

shopify-scripts: Null target_class DoS

The Objectinstanceexec method in mrbgems/mruby-object-ext/src/object.c executes a block in the context of an object. It sets the VM's targetclass pointer to the singleton class of this object. targetclass is used as the definition target for constants and methods. If a singleton class cannot be...

CVE-2016-6259

CVE-2016-6259 affects Xen 4.5.x–4.7.x where SMAP whitelisting is not implemented for 32-bit exception/event delivery. This enables local 32-bit PV guests to trigger a safety check that can crash the hypervisor or VMs (DoS). The root cause is missing Supervisor Mode Access Prevention whitelisting ...

QEMU Denial of Service Vulnerability (CNVD-2016-01943)

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in QEMU versions 1.6.0 through 2.3.1. When a program maps addresses to MemoryRegionSection using 'addressspacetranslate', an attacker ca...