3355 matches found
CVE-2026-21720
Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...
UBUNTU-CVE-2026-21720
Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...
EUVD-2026-4841
Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...
CVE-2026-21720
Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...
PT-2026-4877
Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description The software can crash due to a memory exhaustion issue triggered by uncached requests to the /avatar/:hash endpoint. Each request spawns a goroutine to refresh the Gravatar image. If this...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005140)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005140 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005165)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005165 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scosocktimeout conn-sk maybe have been unlinked/freed while waiting fo...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005156)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005156 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by...
BIT-NODE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
BIT-NODE-MIN-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004953)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004953 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but...
OESA-2026-1231 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the smpexecutetasksg calls deltimer to delete "slowtask-timer". However,...
Exploit for CVE-2026-24061
CVE-2026-24061 CVE-2026-24061 Batch Scanning Tool How to us...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37997)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37997 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38075)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38075 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49855)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49855 advisory. - In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
AZL-74967 CVE-2025-55131 affecting package nodejs18 for versions less than 18.20.3-11
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
AZL-74979 CVE-2025-55131 affecting package nodejs for versions less than 20.14.0-13
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
ALPINE-CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...