Seroval affected by Denial of Service via Array serialization

Overriding encoded array lengths by replacing them with an excessively large value causes the deserialization process to significantly increase processing time. Mitigation: Seroval no longer encodes array lengths. Instead, it computes length using Array.prototype.length during deserialization...

GHSA-66FC-RW6M-C2Q6 Seroval affected by Denial of Service via Array serialization

Overriding encoded array lengths by replacing them with an excessively large value causes the deserialization process to significantly increase processing time. Mitigation: Seroval no longer encodes array lengths. Instead, it computes length using Array.prototype.length during deserialization...

Allocation of Resources Without Limits or Throttling

Overview seroval is a Stringify JS values Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the encoded array lengths serialization process. An attacker can cause excessive processing time by overriding encoded array lengths with extremel...

Allocation of Resources Without Limits or Throttling

Overview org.webjars.npm:seroval is a Stringify JS values Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the encoded array lengths serialization process. An attacker can cause excessive processing time by overriding encoded array lengt...

Security information for Hitachi Disk Array Systems

Overview CVE-2025-54100 | PowerShell Remote Code Execution Vulnerability CVE-2025-55233 | Windows Projected File System Elevation of Privilege Vulnerability CVE-2025-59516 | Windows Storage VSP Driver Elevation of Privilege Vulnerability CVE-2025-59517 | Windows Storage VSP Driver Elevation of...

PT-2026-3890

Name of the Vulnerable Software and Affected Versions seroval versions 1.4.0 and below Description seroval facilitates JavaScript value stringification, including complex structures beyond the capabilities of JSON.stringify. In affected versions, replacing encoded array lengths with excessively...

UBUNTU-CVE-2025-55131

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...

CVE-2025-55131

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...

CVE-2026-1173

A vulnerability was found in birkir prime up to 0.4.0.beta.0. The impacted element is an unknown function of the file /graphql of the component GraphQL Array Based Query Batch Handler. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been made...

Denial Of Service (DoS)

Svelte devalue is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to missing input validation during typed array hydration, where devalue.parse assumes an ArrayBuffer input without verification, allowing crafted inputs to trigger excessive CPU or memory consumption when parsing...

Denial Of Service (DoS)

Devalue is vulnerable to a Denial-Of-Service DoS.The vulnerability is due to missing input validation during ArrayBuffer hydration, where devalue.parse assumes base64-encoded input without verification, allowing crafted data to trigger excessive CPU and memory consumption when parsing untrusted...

SUSE CVE-2026-1145

A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function jstypedarrayconstructorta of the file quickjs.c. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may ...

MiracleLinux 8 : java-21-openjdk-21.0.2.0.13-1.el8.ML.1 (AXSA:2024-7439:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7439:03 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 8 : java-17-openjdk-17.0.13.0.11-3.el8 (AXSA:2024-8948:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8948:16 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...

MiracleLinux 8 : sqlite-3.26.0-17.el8 (AXSA:2023-4779:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4779:01 advisory. sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API CVE-2022-35737 Tenable has extracted the preceding description...

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.382.b05-2.el9.ML.1 (AXSA:2023-6265:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6265:17 advisory. OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 83044...

MiracleLinux 9 : java-21-openjdk-21.0.2.0.13-1.el9.ML.1 (AXSA:2024-7447:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7447:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 8 : java-17-openjdk-17.0.8.0.7-2.el8 (AXSA:2023-6263:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6263:12 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...

ROS-20260120-7362

A vulnerability in the loadmicrocodeamd function of the Linux kernel is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.402.b06-1.el7 (AXSA:2024-7425:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7425:01 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...