22328 matches found
SUSE CVE-2026-23232
In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...
EUVD-2026-9637
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through = 2.9.1...
CVE-2026-1678
CVE-2026-1678 affects Zephyr’s DNS name parser. The function dns_unpack_name() caches the buffer tailroom and reuses it when appending DNS labels; as the buffer grows, the cached size can become incorrect, allowing the final null terminator to be written past the buffer. With assertions disabled ...
EUVD-2026-9792
dnsunpackname caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled default, a malicious DNS response can trigger an out-of-bounds wri...
CVE-2026-27384
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through = 2.9.1...
CVE-2026-27384 WordPress W3 Total Cache plugin <= 2.9.1 - Arbitrary Code Execution vulnerability
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through = 2.9.1...
CVE-2026-27384 WordPress W3 Total Cache plugin <= 2.9.1 - Arbitrary Code Execution vulnerability
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through = 2.9.1...
CVE-2026-27384
Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects W3 Total Cache: from n/a through = 2.9.1...
CVE-2026-27384
CVE-2026-27384 affects BoldGrid W3 Total Cache (WordPress plugin) up to version 2.9.1. The vulnerability arises from improper validation of a specified quantity in input, allowing access to functionality not properly constrained by ACLs, which can enable unauthenticated Arbitrary Code Execution (...
[SECURITY] Fedora 42 Update: valkey-8.0.7-1.fc42
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
Duplicate Advisory: Cache poisoning via insecure-by-default cache key
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-f93w-pcj3-rggc. This link is maintained to preserve external references. Original Description A cache poisoning vulnerability has been found in the Pingora HTTP proxy framework’s default cache key construction...
Duplicate Advisory: HTTP Request Smuggling via Premature Upgrade
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xq2h-p299-vjwv. This link is maintained to preserve external references. Original Description An HTTP request smuggling vulnerability CWE-444 was found in Pingora's handling of HTTP/1.1 connection upgrades. The...
GHSA-2M8C-2374-465F Duplicate Advisory: Cache poisoning via insecure-by-default cache key
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-f93w-pcj3-rggc. This link is maintained to preserve external references. Original Description A cache poisoning vulnerability has been found in the Pingora HTTP proxy framework’s default cache key construction...
CVE-2026-2836
A cache poisoning vulnerability has been found in the Pingora HTTP proxy framework’s default cache key construction. The issue occurs because the default HTTP cache key implementation generates cache keys using only the URI path, excluding critical factors such as the host header authority...
CVE-2026-2836
A cache poisoning vulnerability has been found in the Pingora HTTP proxy framework’s default cache key construction. The issue occurs because the default HTTP cache key implementation generates cache keys using only the URI path, excluding critical factors such as the host header authority...
OpenClaw 加密问题漏洞
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a cryptographic issue vulnerability that stems from the use of SHA-1 hashed Docker and browser sandbox configurations of the sandbox identifier cache key, which can be exploited by an attacker to enable...
Pingora 安全漏洞
Pingora is a library open sourced by Cloudflare, used for building fast, reliable, and scalable network services. Prior to version 0.8.0, Pingora had security vulnerabilities. These vulnerabilities stemmed from improper construction of default cache keys, which could lead to cross-tenant data lea...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005666)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005666 advisory. In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skbunderpanic in ip6mrcachereport skbuff: skbunderpanic: text:ffffffff88771f69 len:56...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005441)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005441 advisory. In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path o...
WordPress plugin W3 Total Cache 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...