3357 matches found
ALPINE-CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
AZL-74979 CVE-2025-55131 affecting package nodejs for versions less than 20.14.0-13
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
UBUNTU-CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
CVE-2025-55131 relates to Node.js buffer allocation in the vm module with timeout, which can expose uninitialized memory in buffers (Buffer.alloc and Uint8Array) under specific timing. Connected advisories confirm the issue affects multiple Node.js packages across distributions (examples: nodejs1...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
MiracleLinux 9 : kernel-5.14.0-362.13.1.el9_3 (AXSA:2024-7406:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7406:02 advisory. kernel: use-after-free vulnerability in the smb client component CVE-2023-5345 kernel: IGB driver inadequate buffer size for frames larger than MTU...
MiracleLinux 9 : kernel-5.14.0-427.18.1.el9_4 (AXSA:2024-8445:16)
"The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8445:16 advisory. kernel: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout CVE-2024-26643 kernel: netfilter: nftables: disallow...
MiracleLinux 9 : bind-9.16.23-1.el9.1 (AXSA:2022-4081:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4081:05 advisory. bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly CVE-2022-3080 bind: memory leak in...
MiracleLinux 9 : kernel-5.14.0-427.26.1.el9_4 (AXSA:2024-8593:22)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8593:22 advisory. kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix...
MiracleLinux 8 : bind9.16-9.16.23-0.7.el8.1 (AXSA:2022-3875:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3875:02 advisory. bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly CVE-2022-3080 bind: memory leak in...
MiracleLinux 8 : kernel-4.18.0-513.9.1.el8_9 (AXSA:2024-7403:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7403:01 advisory. kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe CVE-2023-2163 kernel: tun: bugs for oversize...
MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.161-2.6.12.0.AXS4 (AXSA:2017-2469:04)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2469:04 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...
OPENSUSE-SU-2026:20058-1 Security update for go-sendxmpp
This update for go-sendxmpp fixes the following issues: Changes in go-sendxmpp: - Update to 0.15.1: Added Add XEP-0359 Origin-ID to messages requires go-xmpp = v0.2.18. Changed HTTP upload: Ignore timeouts on disco IQs as some components do not reply. - Upgrades the embedded golang.org/x/net to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001436)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001436 advisory. Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004211)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004211 advisory. A stack information leak flaw was found in s390/s390x in the Linux kernels memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout...