Lucene search
+L

187 matches found

Amazon
Amazon
added 2026/02/05 12:0 a.m.8 views

Important: nodejs24

Issue Overview: Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated...

9.1CVSS5.9AI score0.03782EPSS
Exploits2
Veracode
Veracode
added 2026/02/02 2:13 p.m.11 views

Denial-of-Service (DoS)

React Server Components packages are vulnerable to Denial-Of-Service DoS. The vulnerability is due to insufficient validation and resource handling in Server Function request processing, where specially crafted HTTP requests to server function endpoints can trigger excessive CPU usage, memory...

7.5CVSS5.4AI score0.02499EPSS
Exploits0References9Affected Software4
Snyk
Snyk
added 2026/01/26 7:49 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview @modern-js/utils is a progressive web framework based on React. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the decoding reply functions of React Flight protocol. An attacker can cause server crashes, out-of-memory exception...

8.7CVSS7.2AI score0.65592EPSS
Exploits10References2
Snyk
Snyk
added 2026/01/26 7:49 p.m.8 views

Allocation of Resources Without Limits or Throttling

Overview react-server-dom-parcel is a React Server Components bindings for DOM using Parcel. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...

8.7CVSS5.9AI score0.65592EPSS
Exploits10References2
Cvelist
Cvelist
added 2026/01/26 7:16 p.m.24 views

CVE-2026-23864

Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints,...

0.02499EPSS
Exploits0References1
CVE
CVE
added 2026/01/26 7:16 p.m.97 views

CVE-2026-23864

CVE-2026-23864 affects React Server Components packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The connected advisories describe a denial-of-service condition triggered by specially crafted HTTP requests to Server Function endpoints, potentially causin...

7.5CVSS6AI score0.02499EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.6 views

Meta React Server Components security vulnerabilities

Meta React Server Components are a series of components developed by the American company Meta. There is a security vulnerability in Meta React Server Components, which can lead to server crashes, memory exhaustion, or excessive CPU usage when specially crafted HTTP requests are sent...

7.5CVSS7.5AI score0.02499EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.6 views

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checks for whether the server is running by unlockfilesystem, potentially leading to...

5.5CVSS6AI score0.00115EPSS
Exploits0References4
NCSC
NCSC
added 2026/01/21 10:12 a.m.15 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several Oracle MySQL components. The vulnerabilities allow highly privileged attackers to remotely exploit the server, which can lead to server crashes and denial of service. This problem can be exploited by attackers with network access, underscoring the need...

7.7CVSS5.7AI score0.73495EPSS
Exploits8References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : mariadb:10.5 (AXSA:2025-11081:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11081:01 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log...

6.8CVSS5.5AI score0.01236EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : galera-26.4.11-1.el9, mariadb-10.5.16-2.el9, mysql-selinux-1.0.5-1.el9 (AXSA:2022-4045:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4045:01 advisory. mariadb: MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used CVE-2021-46669...

7.8CVSS8.9AI score0.02458EPSS
Exploits29References36
OSV
OSV
added 2026/01/09 9:8 a.m.11 views

RLSA-2026:0136 Important: mariadb10.11 security update

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...

7CVSS8.4AI score0.01236EPSS
Exploits0References8
OSV
OSV
added 2026/01/09 9:6 a.m.6 views

RLSA-2026:0247 Important: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

7CVSS8.3AI score0.01236EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.4 views

RockyLinux 10 : mariadb10.11 (RLSA-2026:0136)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0136 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log...

7CVSS7.3AI score0.01236EPSS
Exploits0References15
OSV
OSV
added 2026/01/08 11:43 a.m.9 views

BIT-LIBPHP-2025-14178 Heap buffer overflow in array_merge()

In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE, due to an integer overflow in the precomputation of...

8.2CVSS7.5AI score0.00428EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.4 views

RHEL 9 : mariadb:10.11 (RHSA-2026:0247)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0247 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Deni...

7CVSS7.4AI score0.01236EPSS
Exploits0References20
OSV
OSV
added 2026/01/07 12:0 a.m.17 views

ALSA-2026:0247 Important: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

7CVSS8.3AI score0.01236EPSS
Exploits0References16
AlmaLinux
AlmaLinux
added 2026/01/07 12:0 a.m.19 views

Important: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

7CVSS8.4AI score0.01236EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2026/01/06 1:46 p.m.6 views

Important: Red Hat Security Advisory: mariadb10.11 security update

An update for mariadb10.11 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7CVSS7.4AI score0.01236EPSS
Exploits0References13
OSV
OSV
added 2026/01/06 12:0 a.m.11 views

ALSA-2026:0136 Important: mariadb10.11 security update

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...

7CVSS8.3AI score0.01236EPSS
Exploits0References16
Rows per page
Query Builder