21754 matches found
CVE-2026-44579
A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open,...
CVE-2026-44581
A flaw was found in Next.js. This vulnerability, a type of stored cross-site scripting XSS, allows a remote attacker to inject malicious scripts into web pages. By manipulating nonce values derived from request headers, an attacker can poison cached responses, leading to arbitrary script executio...
CVE-2026-45136
claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of th...
dirtyfrag
Dirty Frag Overview Dirty Frag is a class of Linux ke...
CVE-2026-41918
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...
CVE-2026-41918
The vulnerability CVE-2026-41918 affects RUGGEDCOM RST2428P (6GK6242-6PA00) all versions before V4.0. The issue arises when an authenticated user modifies certain configurations, causing sensitive information to be stored in the browser cache. An authenticated attacker could access this cached da...
CVE-2026-41918
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...
CVE-2026-41918
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...
CVE-2026-41918
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...
EUVD-2026-33914
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...
Security Bulletin: Due to use of spring-webmvc-6.2.17.jar, IBM Sterling Connect:Direct Web Services is vulnerable to cache poisoning when resolving static resources.
Summary spring-webmvc-6.2.17.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22741. Vulnerability Details CVEID:CVE-2026-22741 DESCRIPTION: Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be...
SUSE-SU-2026:21983-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...
org.apache.camel/camel-infinispan: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data
A flaw was found in the camel-infinispan component of Apache Camel. A remote attacker, with the ability to write to the Infinispan cache, can inject a specially crafted serialized Java object. When this object is deserialized during normal aggregation repository operations, it can lead to arbitra...
org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing
A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access...
SUSE-SU-2026:21982-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...
Sercomm VD625 Smart Modems - CRLF Injection
Sercomm AGCOMBO VD625 Smart Modems with firmware version AGSOT2.1.0 are vulnerable to Carriage Return Line Feed CRLF injection via the Content-Disposition header. id: CVE-2021-27132 info: name: Sercomm VD625 Smart Modems - CRLF Injection author: geeknik severity: critical description: Sercomm...
SUSE-SU-2026:21979-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...
SUSE SLES15 Security Update : kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2181-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2181-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.28 fixes various security issues The following security issues were fixed: -...
SUSE SLES12 Security Update : kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2178-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2178-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: -...
SUSE SLES12 Security Update : kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2148-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2148-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: -...