CVE-2026-12151 vulnerabilities

Vulnerabilities for packages: pelias-api, kibana, code-server, node-gyp, prism, npm, haraka, actions-runner...

CVE-2026-12151 vulnerabilities

Vulnerabilities for packages: code-server, node-gyp, npm, prism...

DEBIAN-CVE-2026-12151

Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size...

CVE-2026-12151

creationtimestamp| type| source ---|---|--- 2026-06-17 16:12:44+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3moipe7e5is2g 2026-06-17 18:55:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moiyi3y4jq27 2026-06-18 15:59:01+00:00| seen|...

CVE-2026-12151

The CVE affects the undici WebSocket client (and WebSocketStream API) where maxPayloadSize is enforced per-frame but there is no limit on the number of fragments in a message. A malicious server can send many small or empty continuation frames, each passing validation, causing unbounded memory gr...

EUVD-2017-6555

Malware in sbrugna...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12151

creationtimestamp| type| source ---|---|--- 2024-12-04 17:42:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113595787225996422 2024-12-04 20:06:41+00:00| seen| https://t.me/cvedetector/12024...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12151

CVE-2024-12151 affects Devolutions Server (versions 2024.3.8.0 and earlier) due to an incorrect permission assignment in the User Migration feature, allowing users to retain their old permission sets. The vulnerable component is the User Migration feature; root cause: incorrect permission handlin...

RHEL 6 : samba4 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - samba: SMB2 connections don't keep encryption across DFS redirects CVE-2017-12151 - smbd in Samba before...

Intel® Extreme Tuning Utility Advisory

Summary: Potential security vulnerabilities in Intel® Extreme Tuning Utility may allow privilege escalation or information disclosure. Intel is releasing Intel® Extreme Tuning Utility updates to mitigate these potential vulnerabilities. Vulnerability Details CVEID: CVE-2018-12150 Description:...

SUSE CVE-2017-12151

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the...

SUSE CVE-2017-15086

It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6...

Slackware: Security Advisory (SSA:2017-263-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0023)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:3155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2971-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2704-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...