An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
7.5CVSS
7.8AI Score
0.001EPSS
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-p...
6.5CVSS
6.8AI Score
0.009EPSS
Issue summary: The AES-SIV cipher implementation contains a bug that causesit to ignore empty associated data entries which are unauthenticated asa consequence. Impact summary: Applications that use the AES-SIV algorithm and want toauthenticate empty data entries as associated data can be mislead b...
5.3CVSS
6AI Score
0.004EPSS
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
7.5CVSS
7.6AI Score
0.003EPSS