21 matches found
SUSE CVE-2026-22028
Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON payloads are assumed t...
UBUNTU-CVE-2026-22028
Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON payloads are assumed t...
CVE-2026-22028
Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON payloads are assumed t...
CVE-2026-22028 Preact has JSON VNode Injection issue
Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A regression introduced in Preact 10.26.5 caused this protection to be softened. In applications where values from JSON payloads are assumed t...
CVE-2026-22028
CVE-2026-22028 affects Preact where a regression in 10.26.5 weakened JSON serialization protection, allowing JSON payloads to be mis-parsed as valid VNodes and potentially leading to HTML injection and script execution if CSP or other mitigations are not in place. Affected versions include 10.26....
Linux Distros Unpatched Vulnerability : CVE-2026-22028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Preact, a lightweight web development framework, JSON serialization protection to prevent Virtual DOM elements from being constructed from arbitrary JSON. A...
GHSA-36HM-QXXP-PG3M Preact has JSON VNode Injection issue
Impact Vulnerability Type: HTML Injection via JSON Type Confusion Affected Versions: Preact 10.26.5 through 10.28.1 Severity: Low to Medium see below Who is Impacted? Applications using affected Preact versions are vulnerable if they meet all of the following conditions: 1. Pass unmodified,...
Preact has JSON VNode Injection issue
Impact Vulnerability Type: HTML Injection via JSON Type Confusion Affected Versions: Preact 10.26.5 through 10.28.1 Severity: Low to Medium see below Who is Impacted? Applications using affected Preact versions are vulnerable if they meet all of the following conditions: 1. Pass unmodified,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990522)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990522 advisory. In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't accou...
EUVD-2009-2900
Malware in sbrugna...
SUSE CVE-2022-49688
In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...
DEBIAN-CVE-2022-49688
In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...
CVE-2022-49688
In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...
kernel: afs: Fix dynamic root getattr
In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...
CVE-2016-6247
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service kernel panic by unmounting a filesystem with an open vnode on the mntvnodelist...
CVE-2016-6247
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service kernel panic by unmounting a filesystem with an open vnode on the mntvnodelist...
FreeBSD远程拒绝服务漏洞
Bugtraq ID:66726 CVE ID:CVE-2014-1453 FreeBSD是一种UNIX操作系统,是由经过BSD、386BSD和4.4BSD发展而来的Unix的一个重要分支。 FreeBSD在转换目标文件句柄为vnode时存在锁顺序错误,这可导致死锁,造成拒绝服务。 0 FreeBS 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://www.freebsd.org/security/index.html...
FreeBSD fifo_vnops.c资源泄漏本地拒绝服务漏洞
BUGTRAQ ID: 36949 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD的usr/src/sys/fs/fifofs/fifovnops.c文件中存在资源泄漏漏洞: / Open called to set up a new instance of a fifo or to find an active instance of a fifo. / / ARGSUSED / static int fifoopenap struct vopopenargs / struct vnode avp; int amode; struc...
Design/Logic Flaw
The 1 sendfile and 2 sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv110, allow local users to cause a denial of service panic via vectors related to vnode function calls...
CVE-2009-2912
The 1 sendfile and 2 sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv110, allow local users to cause a denial of service panic via vectors related to vnode function calls...