Lucene search
K

11294 matches found

NVD
NVD
added 2026/06/22 7:17 p.m.10 views

CVE-2026-54299

Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages /404 or /500 using export const prerender = true fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from request.url, which in turn gets its origin from the incoming...

7.5CVSS0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:33 p.m.4 views

CVE-2026-54299

Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages /404 or /500 using export const prerender = true fetch those pages over HTTP at runtime when an error occurs. The URL for this fetch is derived from request.url, which in turn gets its origin from the incoming...

7.5CVSS6AI score0.00196EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:23 p.m.4 views

CVE-2026-54269

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 8.6.0 and 7.6.3, protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. The known affected names are fields named hasOwnProperty, field or oneof names...

5.3CVSS5.9AI score0.00238EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3383 (ALAS-2026-3383)

The version of golang installed on the remote host is prior to 1.25.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3383 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN...

7.5CVSS6.3AI score0.00904EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

Amazon Linux 2023 : golang-github-burntsushi-toml, golang-github-burntsushi-toml-devel (ALAS2023-2026-1877)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1877 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.2AI score0.00904EPSS
Exploits0References8
Redos
Redos
added 2026/06/22 12:0 a.m.6 views

ROS-20260622-73-0003

The vulnerability in Firefox is related to errors during variable initialization. Exploiting this vulnerability can allow an attacker to cause a service failure...

9.8CVSS5.8AI score0.00399EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1878)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1878 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.2AI score0.00904EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : compat-golang-github-cpuguy83-md2man-2-devel, golang-github-cpuguy83-md2man, golang-github-cpuguy83-md2man-devel (ALAS2023-2026-1875)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1875 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.2AI score0.00904EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/06/20 2:28 a.m.10 views

SUSE CVE-2026-55203

HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...

5.6CVSS6.1AI score0.00321EPSS
Exploits0References5
OSV
OSV
added 2026/06/19 2:24 p.m.11 views

MAL-2026-6226 Malicious code in new-mjs-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4ae24b182a00059424b8ea4800927bbbf662f0e6bf20264af611d37203a3f2e Package is published under the unrelated name 'new-mjs-eslint' but ships a verbatim copy of the big.js decimal-arithmetic library original...

5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save the CS register in cases of AMD Zen IF Poison errors. The Instruction Fetch IF units on current AMD Zen-based systems do not guarantee a synchronous MC for poison consumption errors. Therefore,...

5.5CVSS5.5AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fixed NULL dereferencing during snapshot cleanup. In cases of early initialization errors, and on platforms that do not use the DPU controller, the deinitialization code can be called with the kms pointer set to NULL...

5.2AI score0.002EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in PackageKit

PackageKit provided detailed error messages to unprivileged callers who were exposed to information about the presence of files and their mimetypes. This information was difficult for those callers to determine on their own...

3.3CVSS6AI score0.00462EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Clear stagedconfig before and after it is used. As a temporary storage, stagedconfig in rdtdomain should be cleared before and after it is used. The stale value in stagedconfig could cause an MSR access error. Here i...

5.5CVSS5.3AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed UAF Use-after-Free issues when detecting digest errors. We should also exit the iowork loop when setting rdenabled to true, so that we do not attempt to read data from the socket when the TCP stream is already...

7.8CVSS5.7AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fixed the reset-controller leak in cases of probe errors. Be sure to release the lane reset controller in case of a late probe error e.g., probe deferral...

5.5CVSS6.2AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/amd/pm: resolve reboot exception for si oland’” This fix is reflected in commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This issue causes hangs on SI when DC is enabled, and errors occur during driver-related reboo...

5.5CVSS5.8AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: The error check in parsebtffield has been fixed. btffindstructmember may return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. This issue is fixed b...

5.5CVSS5.2AI score0.00211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading the superblock Fuzzers often modify sbbsizeshift, but in reality it’s very unlikely that this field would be corrupted on its own. Nevertheless, it should still be checked to avoid potential...

5.5CVSS6AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: Intel: sofsdw – handling errors during card registration. If card registration fails, usually due to deferred probes, the device properties added for headset codecs are not removed, which leads to kernel errors during...

5.5CVSS6.3AI score0.00243EPSS
Exploits0References2
Rows per page
Query Builder