Lucene search
+L

134 matches found

RedHat Linux
RedHat Linux
added 6 days ago8 views

undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

A flaw was found in undici. An attacker-controlled upstream server can exploit a vulnerability in Undici's HTTP/1.1 client, specifically related to response queue poisoning on reused keep-alive sockets. This allows the attacker to inject an unsolicited HTTP/1.1 response onto an idle socket...

3.7CVSS6.9AI score0.00228EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added last week5 views

undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

A flaw was found in undici. An attacker-controlled upstream server can exploit a vulnerability in Undici's HTTP/1.1 client, specifically related to response queue poisoning on reused keep-alive sockets. This allows the attacker to inject an unsolicited HTTP/1.1 response onto an idle socket...

3.7CVSS6.1AI score0.00228EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/06 3:7 p.m.7 views

undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

A flaw was found in undici. An attacker-controlled upstream server can exploit a vulnerability in Undici's HTTP/1.1 client, specifically related to response queue poisoning on reused keep-alive sockets. This allows the attacker to inject an unsolicited HTTP/1.1 response onto an idle socket...

3.7CVSS7AI score0.00228EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/06 2:47 p.m.8 views

undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

A flaw was found in undici. An attacker-controlled upstream server can exploit a vulnerability in Undici's HTTP/1.1 client, specifically related to response queue poisoning on reused keep-alive sockets. This allows the attacker to inject an unsolicited HTTP/1.1 response onto an idle socket...

3.7CVSS7AI score0.00228EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/06 5:32 a.m.8 views

undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

A flaw was found in undici. An attacker-controlled upstream server can exploit a vulnerability in Undici's HTTP/1.1 client, specifically related to response queue poisoning on reused keep-alive sockets. This allows the attacker to inject an unsolicited HTTP/1.1 response onto an idle socket...

3.7CVSS6AI score0.00228EPSS
Exploits0References7
CVE
CVE
added 2026/06/26 7:40 p.m.16 views

CVE-2026-53294

Technical details for CVE-2026-53294 are not publicly available in the provided documents. Monitor for updates from Debian/Ubuntu OSV entries and kernel advisories for affected components, versions, and fixes.

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the serverhostname TLS SNI check can be bypassed when an existi...

7.5CVSS6.1AI score0.00266EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/15 8:11 p.m.9 views

Improper Validation of Certificate with Host Mismatch

Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in the serverhostname parameter handling during HTTPS connection reuse. An attacker can bypass intended TLS SNI checks by reusing an existing connection with a different...

7.5CVSS5.3AI score0.00266EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have a resource management vulnerability. This...

7.8CVSS7.8AI score0.00257EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability that stems from the reuse of resources after File Input is released...

8.8CVSS5.3AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from the reuse of decoded objects after their release, which could allow remote attackers to obtain sensitive information fr...

6.5CVSS5.3AI score0.00229EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from the issue of reusing views after they were released, which could allow remote attackers who exploit specific UI gesture...

8.8CVSS5.9AI score0.00301EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the use of views, which were reused after being released. This could allow remote attackers to escape the sandbox...

8.8CVSS5.4AI score0.00325EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/29 5:22 p.m.13 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the browser debug and export routes. An attacker can access sensitive internal resources by reusing already-open blocked tabs to export or inspect content that...

6.5CVSS5.5AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from writing values from the /smack/doi module. By writing values that have been previously used, it is...

5.8AI score0.0016EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the use of GPU components that were reused after being released, potentially allowing remote attackers who had...

8.3CVSS5.9AI score0.00214EPSS
Exploits0References3
Hacker One
Hacker One
added 2026/05/22 3:13 a.m.12 views

curl: CVE-2026-9546: sending old referer

Summary: libcurl documents that CURLOPTREFERER can be set to NULL to disable the Referer header again, but doing so after a transfer does not clear the cached per-handle referer state. As a result, the next HTTP request on the same easy handle can still send the previous request's Referer: value ...

7.5CVSS5.9AI score0.00652EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When reusing existing popups, Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.5CVSS7.2AI score0.0062EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of CSS after it was released, which could allow remote attackers to execute arbitrary code within a...

8.8CVSS6.2AI score0.00267EPSS
Exploits0References3
OSV
OSV
added 2026/05/04 1:12 p.m.7 views

JLSEC-2026-429 When doing TLS related transfers with reused easy or multi handles and altering the ...

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS6AI score0.00679EPSS
Exploits0References5
Rows per page
Query Builder