157 matches found
Oracle Linux 10 : freerdp (ELSA-2026-16014)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16014 advisory. - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix clipboard use-after-free during auto-reconnect CVE-2026-25997 - Fix...
EUVD-2026-27131
@fastify/accepts-serializer Vulnerable to Denial of Service via Unbounded Accept Header Cache Growth...
CVE-2026-7768 @fastify/accepts-serializer vulnerable to Denial of Service via Unbounded Accept Header Cache Growth
@fastify/accepts-serializer cached serializer-selection results keyed by the request Accept header without a size limit or eviction policy. A remote unauthenticated client could send many distinct but matching Accept header variants to make the cache grow unbounded, eventually exhausting the...
Astra Linux - уязвимость в bind9
Every named instance configured to run as a recursive resolver maintains a cache database that holds the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; i...
CVE-2026-27980 Next.js: Unbounded next/image disk cache growth can exhaust storage
Next.js is a React framework for building full-stack web applications. Starting in version 10.0.0 and prior to version 16.1.7, the default Next.js image optimization disk cache /next/image did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many...
CVE-2026-27980 Next.js: Unbounded next/image disk cache growth can exhaust storage
Next.js is a React framework for building full-stack web applications. Starting in version 10.0.0 and prior to version 16.1.7, the default Next.js image optimization disk cache /next/image did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many...
Next.js: Unbounded next/image disk cache growth can exhaust storage
Summary The default Next.js image optimization disk cache /next/image did not have a configurable upper bound, allowing unbounded cache growth. Impact An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service. Note that this does not impa...
CVE-2019-25378
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple cross-site scripting vulnerabilities in the proxy.cgi endpoint that allow attackers to inject malicious scripts through parameters including CACHESIZE, MAXSIZE, MINSIZE, MAXOUTGOINGSIZE, and MAXINCOMINGSIZE. Attackers can submit POS...
Azure Linux 3.0 Security Update: kernel (CVE-2024-42243)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42243 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER...
EUVD-2023-34279
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-6516
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including...
Linux Distros Unpatched Vulnerability : CVE-2024-42243
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series mm/filemap: Limit page cache size to that supported by xarray, v2. Currently, xarray can't...
kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
SUSE-SU-2024:4105-1 Security update for tomcat10
This update for tomcat10 fixes the following issues: - Update to Tomcat 10.1.33 Fixed CVEs: + CVE-2024-52316: If the Jakarta Authentication fails with an exception, set a 500 status bsc1233434 Catalina + Add: Add support for the new Servlet API method HttpServletResponse.sendEarlyHints. markt +...
kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
DEBIAN-CVE-2024-42317
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: avoid PMD-size page cache if needed xarray can't support arbitrary page cache size. the largest and supported page cache size is defined as MAXPAGECACHEORDER by commit 099d90642a71 "mm/filemap: make MAXPAGECACHEORD...
AZL-62726 CVE-2024-42317 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: avoid PMD-size page cache if needed xarray can't support arbitrary page cache size. the largest and supported page cache size is defined as MAXPAGECACHEORDER by commit 099d90642a71 "mm/filemap: make MAXPAGECACHEORD...
CVE-2024-42317
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: avoid PMD-size page cache if needed xarray can't support arbitrary page cache size. the largest and supported page cache size is defined as MAXPAGECACHEORDER by commit 099d90642a71 "mm/filemap: make MAXPAGECACHEORD...
CVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if needed
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: avoid PMD-size page cache if needed xarray can't support arbitrary page cache size. the largest and supported page cache size is defined as MAXPAGECACHEORDER by commit 099d90642a71 "mm/filemap: make MAXPAGECACHEORD...
AZL-47516 CVE-2024-42243 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...