234 matches found
PT-2026-45871
Name of the Vulnerable Software and Affected Versions openSeaChest version 26.03.0 Description An out of bounds write occurs during the Trim/Unmap operation in openSeaChest. This issue allows for writing 16 bytes of extra memory outside of the allocated space when describing a range of Logical...
Seagate openSeaChest ē¼å²åŗé误ę¼ę“
Seagate openSeaChest is a set of cross-platform storage device management tools developed by Seagate Corporation. The version v26.03.0 of Seagate openSeaChest contains a security vulnerability. This vulnerability stems from out-of-bound writing during the Trim/Unmap operations, which may lead to...
Astra Linux ā Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed null-ptr-deref in jfsioctrim Syzkaller Report Oops: General Protection Fault, likely for non-canonical addresses 0xdffffc0000000087: 0000 1 KASAN: null-ptr-deref in range 0x0000000000000438-0x000000000000043f CPU: 2...
BIT-MONGODB-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
Linux Distros Unpatched Vulnerability : CVE-2026-8202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with...
EUVD-2026-29894
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
CVE-2026-8202
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
CVE-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
CVE-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
CVE-2026-8202
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
CVE-2026-8202
CVE-2026-8202 affects MongoDB Server prior to certain fixed versions: v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. The issue is a post-authentication CPU DoS caused by using a densely populated characters mask with large input strings in the MongoDB aggregatio...
CVE-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...
PT-2026-40552
Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description An authenticated user with aggregation permissions can cause CPU...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013322)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013322 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full If tcpbpfsendmsg is running while...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007582)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007582 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stal...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005427)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005427 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: Fix null-ptr-deref in jfsioctrim Syzkaller Report Oops: general protection fault, probably f...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005807)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005807 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: Fix null-ptr-deref in jfsioctrim Syzkaller Report Oops: general protection fault, probably f...
CVE-2025-71237
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix potential block overflow that cause system hang When a user executes the FITRIM command, an underflow can occur when calculating nblocks if endblock is too small. Since nblocks is of type sectort, which is u64, a...
MiracleLinux 7 : rh-nodejs12-nodejs-12.16.1-1.el7 (AXSA:2020-4480:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4480:02 advisory. nodejs: HTTP request smuggling using malformed Transfer-Encoding header CVE-2019-15605 nodejs: Remotely trigger an assertion on a TLS server with a...
š Adobe DNG SDK Image Processing Logic
Proof of concept exploit that demonstrates a heap out-of-bounds read / write leading to memory corruption and potential code execution in the Image Processing Logic of Adobe DNG SDK versions prior to 1.7.1.2410...