1095 matches found
PT-2026-50733
piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run paths read the filename option via plain member access. Both reads fall through the prototype chain when the caller's options object doesn't have filename as an own property. When...
PT-2026-50709
Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.468 Description An issue exists in the unauthenticated 'POST /api/onboarding/oauth/start' endpoint that allows for unbounded accumulation of in-memory flow state and daemon threads. This can lead to resource...
Important: Red Hat Security Advisory: 389-ds-base security, bug fix, and enhancement update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Malicious code in vite-plugin-compress-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba5cca8be2f19842c304f355a2219256b3af26e9df385ec314ea6899621110aa On module load, the package's initPlugin function performs an HTTP GET to https://www.jsonkeeper.com/b/OTOAQ an anonymous public JSON-paste host and...
CVE-2026-36499
A flaw was found in Open vSwitch. A missing upper-bound check in udpifsetthreads allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads, causing resource exhaustion and denial of service. Reported against Open vSwitch v3.6.90; affects...
SUSE CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-6809
The Social Post Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Threads embed handler in all versions up to, and including, 2.0.1. This is due to insufficient input sanitization and output escaping on the user-supplied URL. This makes it possible for authenticated...
CVE-2026-41189
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...
Linux Distros Unpatched Vulnerability : CVE-2026-36499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of...
DEBIAN-CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
UBUNTU-CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
Open vSwitch 安全漏洞
Open vSwitch is a virtual switch developed as part of the Collaborative Project open-source project. Version 3.6.90 of Open vSwitch contains a security vulnerability. This vulnerability stems from the lack of an upper limit check in the udpifsetthreads function, which may allow attackers with wri...
CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
EUVD-2026-34317
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-36499
Open vSwitch v3.6.90 contains a missing upper-bound check in udpif_set_threads(); with OVSDB write access, an attacker can request excessive handler/revalidation threads, causing DoS via resource exhaustion. Documented across NVD entries and vuln lists; exploitation status is not detailed in the ...
PT-2026-46314
Name of the Vulnerable Software and Affected Versions Open vSwitch version 3.6.90 Description A missing upper-bound check in the udpif set threads function allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can lead to a denial of...
CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-46187
A flaw was found in the Linux kernel's Redpine Signals RSI Wi-Fi driver. A race condition, which occurs when multiple operations try to access the same resource simultaneously, exists in the management of kernel threads kthreads, lightweight processes within the kernel. This can lead to a...