Lucene search
K

10788 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 12:14 p.m.5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the lodash JavaScript library

Summary Due to use of the lodash JavaScript library, DevOps Test Performance and Rational Performance Tester contain a potential denial of service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution...

8.2CVSS6.5AI score0.01535EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2026/04/08 2:16 a.m.10 views

CVE-2026-32281

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

7.5CVSS5.9AI score0.00349EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006585 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integ...

5.5CVSS6.7AI score0.00178EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/04/08 12:0 a.m.28 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References4
OSV
OSV
added 2026/04/08 12:0 a.m.15 views

ALSA-2026:7009 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 3:44 p.m.3 views

Security Bulletin: DevOps Test Performance contains a vulnerabilty related to use of the qs library

Summary Due to the use of the qs library, DevOps Test Performance and Rational Performance Tester contain a potential denial-of-service vulnerability. Vulnerability Details CVEID:CVE-2026-2391 DESCRIPTION: Summary The arrayLimit option in qs does not enforce limits for comma-separated values when...

7.5CVSS6.4AI score0.00478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 3:38 p.m.4 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the DOMPurify library

Summary Due to the use of the DOMPurify library, DevOps Test Performance and Rational Performance Tester contain a cross-site scripting XSS vulnerability CVE-2025-15599, CVE-2026-0540 Vulnerability Details CVEID:CVE-2025-15599 DESCRIPTION: DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8...

6.1CVSS5.9AI score0.0034EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/04/07 3:30 p.m.10 views

EUVD-2026-19646

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads with Content-Transfer-Encoding: base64 including excessive whitespace. Earlier, unsupported Django series such as...

6.5CVSS5.9AI score0.00689EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 3:30 p.m.6 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the @appium/support package

Summary Due to the use of the @appium/support package, DevOps Test Performance and Rational Performance Tester contain a potential path traversal vulnerability CVE-2026-30973, Vulnerability Details CVEID:CVE-2026-30973 DESCRIPTION: Appium is an automation framework that provides WebDriver-based...

6.5CVSS6AI score0.00388EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/04/07 3:17 p.m.8 views

CVE-2026-33033

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads with Content-Transfer-Encoding: base64 including excessive whitespace. Earlier, unsupported Django series such as...

6.5CVSS0.00689EPSS
Exploits1References3
PyPA
PyPA
added 2026/04/07 3:17 p.m.13 views

PYSEC-2026-48

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30.MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads with Content-Transfer-Encoding: base64 including excessive whitespace.Earlier, unsupported Django series such as...

6.5CVSS5.8AI score0.00689EPSS
Exploits1References4Affected Software1
Rockylinux
Rockylinux
added 2026/04/07 12:3 p.m.6 views

grafana-pcp security update

An update is available for grafana-pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Grafana plugin for Performance Co-Pilot includes datasources for...

7.5CVSS5.9AI score0.00728EPSS
Exploits0
OSV
OSV
added 2026/04/07 12:3 p.m.14 views

RLSA-2026:6383 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG:...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/04/06 7:59 a.m.2 views

BIT-NODE-MIN-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

5.9CVSS6.5AI score0.00283EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/03 11:25 p.m.4 views

SUSE CVE-2026-31933

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4...

7.5CVSS5.7AI score0.00351EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/03 11:25 p.m.5 views

SUSE CVE-2026-31937

Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15...

7.5CVSS5.7AI score0.00351EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/03 6:31 p.m.4 views

EUVD-2026-18675

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...

5.8AI score0.00121EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/03 5:10 p.m.3 views

CVE-2026-23435

A flaw was found in the Linux kernel's performance monitoring unit PMU subsystem. A race condition can occur during the unthrottling of performance events, leading to a mismatch between active performance counters and their corresponding event pointers. This can result in a NULL pointer dereferen...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.7 views

CVE-2026-23435

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References5
Rows per page
Query Builder