36 matches found
PT-2026-45903
In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack (request smuggling), which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...
PT-2026-40778
Name of the Vulnerable Software and Affected Versions: Zen 2-based products (affected versions not specified). Description: A flaw in the CPU operation op/µop cache allows for the execution of incorrect instructions at a higher privilege level, which can lead to an elevation of privilege affecting the...
Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017656)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017656 advisory. A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that...
SUSE CVE-2026-34079
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...
PT-2026-31343
Name of the Vulnerable Software and Affected Versions: Red Hat Quay (affected versions not specified). Description: A flaw exists in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay establishes a network...
K000160295: Intel CPU vulnerability CVE-2025-20109
Security Advisory Description: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2025-20109) Impact: This vulnerability may allow an authenticated use...
PT-2026-22204
Name of the Vulnerable Software and Affected Versions: wger versions prior to 2.4. Description: The software contains a flaw where routine detail action endpoints check a cache before verifying object ownership using self.get_object(). Cache keys are scoped only by the primary key (pk) and do not includ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001384)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001384 advisory. fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...
CVE-2025-59029
PowerDNS Recursor exposes CVE-2025-59029: an attacker can trigger an assertion failure by sending crafted DNS records and then querying with qtype=ANY after records are cached. The issue affects the PowerDNS Recursor family per multiple CNVD/NVD/CVE records; the NVD metrics indicate NETWORK attac...
powerdns-recursor -- Denial of Service
PowerDNS Team reports: 2025-07: Internal logic flaw in cache management can lead to a denial of service in Recursor 2025-08: Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor 2026-01: Crafted zones can lead to increased resource usage in Recursor...
Multiple Apple Products Security Vulnerability
Apple Safari and others are products of Apple Inc. Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. A security vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2018-19143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Ticket Request System OTRS 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified...
Linux Distros Unpatched Vulnerability : CVE-2022-23959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x...
Nx Security Vulnerability
Nx is an application from Nx, Inc. A security vulnerability exists in Nx that stems from a design flaw in the bucket-based remote cache that could lead to the injection of compromised artifacts into a trusted production environment...
PT-2025-49592
Name of the Vulnerable Software and Affected Versions: pdns-recursor (affected versions not specified). Description: An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP. This impacts pdns-recursor in Debian Linux. Recommendations: At the moment, there is no...
glibc: netgroup cache may terminate daemon on memory allocation failure
A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure...
AZL-40222 CVE-2024-0874 affecting package coredns for versions less than 1.11.1-8
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching...
PT-2024-3321
Name of the Vulnerable Software and Affected Versions: glibc versions 2.15 and later. Description: The Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, resulting in a null pointer dereference when a client request is made. This flaw was introduced in...
SUSE CVE-2017-8819
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue...
SUSE CVE-2020-6442
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page...