514 matches found
expat: Fix of CVE-2026-41080
CVE-2026-41080: backport SipHash-based hash-flooding protection with a full 16 bytes of salt entropy and add the XMLSetHashSalt16Bytes API...
python: Fix of CVE-2026-7210
CVE-2026-7210: when hash randomization is enabled, seed libexpat's hash-flooding protection in pyexpat with a full 16 bytes of entropy via XMLSetHashSalt16Bytes, detected at runtime through a weak symbol so it activates once the system libexpat exposes it, instead of the 4-8 byte XMLSetHashSalt...
vim: Fix of CVE-2026-41411
CVE-2026-41411: fix OS command injection in tag file processing by disallowing backticks in the filename field before wildcard expansion upstream patch 9.2.0357...
bind: Fix of CVE-2025-40778
CVE-2025-40778: Tighten restrictions on caching NS RRsets in the authority section require the NS owner name to be an ancestor of the queried name to prevent cache poisoning via spoofed records...
mysql: Fix of 3 CVEs
CVE-2018-2562: fix DoS / data corruption in partitioned MEMORY tables Server: Partition - CVE-2018-2773: warn when --pid-file is in a world-writable location BUG26585560 - CVE-2018-3174: stop server as the mysql user in mysql.init so an attacker who controls the pid file cannot trick init into...
dovecot: Fix of CVE-2017-14461
CVE-2017-14461: lib-mail: fix out-of-bounds read when parsing an invalid email address in parseaddrspec...
ImageMagick: Fix of CVE-2026-30883
CVE-2026-30883: fix heap overflow when encoding PNG with oversized profile...
perl: Fix of CVE-2026-8376
CVE-2026-8376: fix heap buffer overflow in Sstudychunk when compiling regular expressions with a repeated fixed string on 32-bit builds mincount l overflow...
polkit: Fix of CVE-2018-1116
CVE-2018-1116: polkit trusts client-supplied UID in CheckAuthorization, allowing a local attacker to spoof or DoS the authentication-agent dialog of unrelated processes...
bind: Fix of CVE-2026-1519
CVE-2026-1519: Limit NSEC3 iterations when validating referrals to unsigned delegations to avoid excessive CPU consumption...
rsync: Fix of CVE-2026-41035
CVE-2026-41035: fix use-after-free in receivexattr by using tempxattr.count instead of the stale count in qsort...
vim: Fix of CVE-2026-46483
CVE-2026-46483: fix command injection in the tar plugin's tarVimuntar function by using the correct shellescapetartail, 1 form so that a crafted .tgz filename cannot trigger cmdline-special expansion in the :! command...
postfix: Fix of CVE-2026-43964
makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
samba: Fix of 2 CVEs
CVE-2019-3880: Refuse winreg SaveKey/RestoreKey RPCs to prevent writing registry hive files outside intended share boundaries via symlink races - CVE-2019-10218: Reject server-supplied filenames containing path separators in SMB1 directory listings to protect libsmbclient consumers from path...
java-1.8.0-openjdk: Fix of 7 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u492-b09. That fixes following CVEs: - CVE-2026-22003: hotspot DoS via sandboxed Java Web Start/applets with untrusted code resource exhaustion - CVE-2026-22007: Security component, local high-complexity low-impact info disclosure -...
rsync: Fix of 2 CVEs
CVE-2026-43618: fix integer overflow in compressed-token decoding that could leak rsync process memory contents over the wire - CVE-2026-29518: fix TOCTOU race on parent path components in non-chroot daemon by routing receiver/sender opens, chmod, and chdir through per- component ONOFOLLOW secure...
nginx: Fix of CVE-2026-9256
CVE-2026-9256: fix heap buffer overflow with overlapping captures in ngxhttprewritemodule...
php: Fix of CVE-2026-6735
CVE-2026-6735: fix XSS within FPM status endpoint...
expat: Fix of CVE-2026-45186
CVE-2026-45186: fix quadratic runtime in attribute collision detection by using a hash table for default attribute names instead of an On^2 loop...
dovecot: Fix of 2 CVEs
CVE-2026-42006: lib-imap: fix listcountlimit to actually count open '' instead of close '', preventing an imap-login memory-exhaustion DoS that bypassed the CVE-2026-27857 fix...
tomcat6: Fix of CVE-2026-41284
CVE-2026-41284: tomcat6: WebDAV LOCK/PROPFIND unbounded request body DoS...
httpd: Fix of 5 CVEs
CVE-2026-28780: modproxyajp 4-byte heap buffer overflow when contacting a malicious AJP backend off-by-AJPHEADERLEN check in ajpmsgcheckheader - CVE-2026-34059: modproxyajp heap over-read in ajpparsedata on short AJP replies - CVE-2026-33006: modauthdigest used non-constant-time strcmp for...
php: Fix of CVE-2026-7262
CVE-2026-7262: fix NULL pointer dereference in SOAP apache map decoder typemap configured...
vim: Fix of CVE-2026-42307
CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...
quagga: Fix of CVE-2018-5380
CVE-2018-5380: fix BGP NOTIFY debug-print msg array over-read...
nginx: Fix of CVE-2026-42945
CVE-2026-42945: fix heap buffer overflow in ngxhttprewritemodule...
php: Fix of 2 CVEs
CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...
subversion: Fix of CVE-2018-11782
CVE-2018-11782: fix svnserve DoS via well-formed read-only get-deleted-rev request...
libssh2: Fix of 2 CVEs
CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...
python: Fix of 4 CVEs
CVE-2019-9740: reject control characters in HTTP URL paths in httplib.HTTPConnection.putrequest to prevent CRLF header injection - CVE-2019-18348: reject control characters in hostnames in httplib.HTTPConnection.init via a new validatehost helper to prevent CRLF header injection the glibc...
curl: Fix of 2 CVEs
CVE-2018-1000120: fix buffer overflow exists in the FTP URL handling - CVE-2018-1000007: fix leak authentication data to third parties in HTTP requests...
libssh2: Fix of CVE-2026-7598
CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...
samba: Fix of CVE-2017-15275
CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...
dovecot: Fix of CVE-2026-27857
CVE-2026-27857: imap-login: limit IMAP parser open lists to prevent excessive memory usage...
openssh: Fix of CVE-2026-35386
CVE-2026-35386: fix client-side command execution via control characters in usernames by adding iscntrl rejection to validruser...
bzip2: Fix of CVE-2019-12900
CVE-2019-12900: fix out-of-bounds write in BZ2decompress many selectors...
httpd: Fix of 2 CVEs
CVE-2017-15710: modauthnzldap out-of-bounds write when accept-language header value is shorter than two characters - CVE-2017-15715: regex anchor in / can match before an embedded newline, allowing .htaccess bypass of trailing-extension filters...
openssh: Fix of CVE-2026-35414
CVE-2026-35414: fix authorizedkeys principals option mishandling with comma-containing CA principals...
exim: Fix of CVE-2026-40685
CVE-2026-40685: fix OOB heap write in dewrap during JSON expansion...
libssh2: Fix of 2 CVEs
CVE-2019-13115: add bounds-checked stringbuf helpers and use them in diffiehellmansha1 to prevent out-of-bounds read on malformed KEX reply - CVE-2019-17498: harden bounds checks in SSHMSGDISCONNECT, SSHMSGDEBUG and SSHMSGGLOBALREQUEST handlers to prevent integer overflow / out-of-bounds read...
php: Fix of 3 CVEs
CVE-2018-5711: Fix infinite loop in gdImageCreateFromGifCtx libgd when reading crafted GIF - CVE-2018-17082: Fix XSS via Transfer-Encoding: chunked in apache2 SAPI - CVE-2018-10545: Do not set PRSETDUMPABLE by default in php-fpm child...
quagga: Fix of CVE-2018-5381
CVE-2018-5381: bgpd capability parser can enter an infinite loop on invalid OPEN messages whose Multi-Protocol capability has an unrecognized AFI/SAFI, causing a denial of service...
curl: Fix of 3 CVEs
CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...
cups: Fix of CVE-2026-27447
CVE-2026-27447: fix authorization bypass via case-insensitive username comparison in scheduler...
cyrus-sasl: Fix of CVE-2019-19906
CVE-2019-19906: fix off-by-one in sasladdstring lib/common.c that could cause denial of service or information disclosure via crafted input...
openssh: Fix of CVE-2026-35385
CVE-2026-35385: fix scp legacy protocol receiver to clear setuid/setgid bits from downloaded files when -p preserve mode is not set...
libwebp: Fix of 6 CVEs
CVE-2018-25009: fix out-of-bounds read in GetLE16 by validating VP8X chunk size - CVE-2018-25010: fix heap-based buffer overflow in ApplyFilter by limiting filter radius to image dimensions - CVE-2018-25011: fix heap-based buffer overflow in PutLE16 by rejecting multiple image chunks in ANMF...
exim: Fix of CVE-2026-40687
CVE-2026-40687: fix uninitialized buffer and out-of-bounds writes in SPA authenticator...
spamassassin: Fix of CVE-2018-11805
CVE-2018-11805: require --reallyallowplugins for sa-update --allowplugins to mitigate plugin injection from updates...
tar: Fix of CVE-2019-9923
CVE-2019-9923: fix NULL pointer dereference in paxdecodeheader on malformed PAX extended headers...