OESA-2025-2086 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

Overcoming TCP/IP Connection Limits with PgBouncer and PostgreSQL on Windows

Challenge When running PgBouncer and PostgreSQL on Windows, especially under high-load scenarios with frequent connect/disconnect cycles, you may encounter exhaustion of available TCP ports. This is due to many connections ending up in the TIMEWAIT state, preventing immediate reuse of those ports...

SUSE CVE-2024-58240

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

DEBIAN-CVE-2024-58240

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

CVE-2024-58240

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

AZL-73914 CVE-2024-58240 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

UBUNTU-CVE-2024-58240

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

CVE-2024-58240 tls: separate no-async decryption request handling from async

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

CVE-2024-58240

CVE-2024-58240: In the Linux kernel TLS subsystem, the vulnerability concerns separation of no-async decryption request handling from async paths, which simplifies handling when not using async. The description states this change resolves an issue and references a prior fix that mitigated a race ...

CVE-2024-58240 tls: separate no-async decryption request handling from async

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

Debian dla-4280 : libunbound-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4280 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4280-1 [email protected]...

nginx 0.7.22 < 1.29.1 Information Disclosure

According to its Sever response header, the installed version of nginx is 0.7.22 prior to 1.29.1. It is, therefore, affected by the following issue : - NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SM...

PT-2025-36292

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The io futex wait function in the Linux kernel does not properly clean up resources on failure. Specifically, the io futex data is allocated but the corresponding flag indicating its...

Low: nginx

Issue Overview: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server...

BIT-NGINX-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

Linux Distros Unpatched Vulnerability : CVE-2025-38488

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix use-after-free in cryptmessage when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from cryptmessage, assuming...

Linux Distros Unpatched Vulnerability : CVE-2021-28692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPUs issuing such commands. In...

UBUNTU-CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

Linux Distros Unpatched Vulnerability : CVE-2024-37078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in...

Linux Distros Unpatched Vulnerability : CVE-2024-36001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the pre-flush when appending to a file in writethrough mode In netfsperformwrite,...