141 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sndmsndinterrupt function in sound/isa/msnd/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary...
Linux Distros Unpatched Vulnerability : CVE-2017-9986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The intr function in sound/oss/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibl...
CVE-2025-54132 Cursor's Mermaid Diagram Tool is Vulnerable to an Arbitrary Image Fetch
Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled serve...
CVE-2022-48357
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service DoS attacks to the kernel...
The vulnerability of the `fetch()` function in HTTP/1.1 of the Node.js software platform allows a attacker to cause a service failure.
The vulnerability of the fetch function in HTTP/1.1 in Node.js software platforms is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the fetch() function in the Node.js programming platform, which allows a attacker to trigger a Denial-of-Service attack.
The vulnerability of the fetch function in the Node.js programming platform is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to trigger a Denial-of-Service attack...
AZL-35898 CVE-2024-22025 affecting package nodejs for versions less than 20.14.0-1
A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...
AZL-35909 CVE-2024-22025 affecting package nodejs for versions less than 16.20.2-4
A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...
AZL-35911 CVE-2024-22025 affecting package nodejs18 for versions less than 18.18.2-5
A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...
Node.js Security Vulnerabilities
Node.js is an open source, cross-platform JavaScript runtime environment. A security vulnerability exists in Node.js that stems from the fetch function always decoding Brotli, exhausting resources and causing a denial of service...
The vulnerability of the Mozilla Firefox browser’s fetch function is related to resource management errors, allowing attackers to compromise the integrity of protected information.
The vulnerability of the Mozilla Firefox browser’s fetch function is related to resource management errors. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...
NodeJS -- Vulnerabilities
Node.js reports: Code injection and privilege escalation through Linux capabilities- High http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- High Path traversal by monkey-patching Buffer internals- High setuid does not drop all privileges due to iouring - Hi...
CVE-2023-5654
The React Developer Tools extension registers a message listener with window.addEventListener'message', in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch. The URL is not...
Sev-es / sev-snp vmgexit double fetch vulnerability
...
CVE-2023-4155
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
CVE-2023-4155 Sev-es / sev-snp vmgexit double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
CVE-2022-48357
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service DoS attacks to the kernel...
CVE-2022-48357
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service DoS attacks to the kernel...
PT-2023-15734 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned, so: Some products affected versions not specified Description: The issue concerns a double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service DoS...
CVE-2022-48357
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service DoS attacks to the kernel...