54 matches found
CVE-2026-48619
A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently...
K000161920: Node.js vulnerability CVE-2026-48619
Security Advisory Description A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26. CVE-2026-48619 Impa...
ALPINE-CVE-2026-48619
A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48619
A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
EUVD-2026-39607
A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48619
CVE-2026-48619 describes a flaw in Node.js HTTP/2 client where a server can send an unlimited number of ORIGIN frames, potentially causing an Out of Memory (OOM) on the client. Affected releases are Node.js 22, 24, and 26. The June 2026 security releases provide fixes in updated versions: 22.23.0...
CVE-2026-48619
A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48619
A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
Linux Distros Unpatched Vulnerability : CVE-2026-48619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This...
Home Assistant 安全漏洞
Home Assistant is an open-source family automation management system developed by Home Assistant. This system is primarily used to control household automation devices. Versions of Home Assistant prior to 2026.4.1 for iOS and 2026.4.4 for Android have security vulnerabilities. These vulnerabiliti...
Node.js: Unbounded memory growth in `node:http2` clients via attacker-controlled ORIGIN frames
Vulnerability description not provided...
MiracleLinux 8 : firefox-128.10.0-1.el8_10.ML.1 (AXSA:2025-9933:13)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9933:13 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...
MiracleLinux 8 : thunderbird-128.10.0-1.el8_10.ML.1 (AXSA:2025-9937:11)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9937:11 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...
MiracleLinux 9 : thunderbird-128.10.0-1.el9_5.ML.1 (AXSA:2025-9936:10)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9936:10 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...
EUVD-2019-7475
Malware in sbrugna...
EUVD-2018-16902
Malware in sbrugna...
EUVD-2013-0529
Malware in sbrugna...
EUVD-2023-1597
Malicious code in bioql PyPI...
firefox security update
An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
CVE-2022-24668
A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handlin...