UBUNTU-CVE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

Linux Distros Unpatched Vulnerability : CVE-2022-21222

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package css-what before 2.1.3 are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of insecure regular expression in the reattr...

PT-2021-19559 · Cesanta · Mongooseos Mjs

Name of the Vulnerable Software and Affected Versions: Cesanta MongooseOS mJS version 1.26 Description: A maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs json parse, potentially leading to redirection of control flow. The original reporter disputes the...

npmjs-url-parse: Improper validation of protocol of the returned URL

An input validation flaw exists in the node.js-url-parse, which results in the URL being incorrectly set to the document location protocol instead of the URL being passed as an argument. An attacker could use this flaw to bypass security checks on URLs...