16 matches found
Security Bulletin: Erlang OTP inets httpd Vulnerable to HTTP Request Smuggling via Duplicate Content-Length Headers
Summary Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in Erlang OTP inets httpd module allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/httpserver/httpdrequest.erl and program routines httpdrequest:parseheaders/...
OESA-2026-1667 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP...
CVE-2026-23941
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0321/ 2026-03-19 12:55:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhg2dyh6a52q...
Linux Distros Unpatched Vulnerability : CVE-2026-23941
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in Erlang OTP inets httpd module allows HTTP Request Smuggling. This...
CVE-2025-23941
creationtimestamp| type| source ---|---|--- 2025-01-16 21:20:51+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7j735xw2p 2025-01-16 21:49:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lfvb467yyv2g 2025-01-16 22:56:15+00:00| seen|...
CVE-2025-23941
CVE-2025-23941 details (connected RH/CVE and EUVD sources): Stored XSS in MeinTurnierplan.de Widget Viewer due to improper input neutralization during web page generation. Affected software: MeinTurnierplan.de Widget Viewer (versions up to 1.1). The issue is described as cross-site scripting with...
CVE-2025-23941 WordPress MeinTurnierplan.de Widget Viewer plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in meinturnierplan MeinTurnierplan.de Widget Viewer meinturnierplande-widget-viewer allows Stored XSS.This issue affects MeinTurnierplan.de Widget Viewer: from n/a through = 1.1...
CVE-2025-23941 WordPress MeinTurnierplan.de Widget Viewer plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in meinturnierplan MeinTurnierplan.de Widget Viewer meinturnierplande-widget-viewer allows Stored XSS.This issue affects MeinTurnierplan.de Widget Viewer: from n/a through = 1.1...
CVE-2024-23941
creationtimestamp| type| source ---|---|--- 2024-02-01 05:21:47+00:00| seen| https://t.me/ctinow/177322...
CVE-2024-23941
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
CVE-2024-23941
The CVE-2024-23941 entry affects Group Office: a stored cross-site scripting vulnerability (CWE-79) that could allow a remote authenticated attacker to execute arbitrary scripts in the web browser of the logged-in user. Affected versions are Group Office < 6.6.182, < 6.7.64, and
CVE-2023-23941
SwagPayPal (Shopware) vulnerable to a mismatch between the amount/item list sent to PayPal and the actual created order when using JavaScript-based PayPal checkout methods (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, credit card). Root cause: inconsistent data sent to PayPal durin...
CVE-2023-23941 SwagPayPal payment not sent to PayPal correctly
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
CVE-2023-23941 SwagPayPal payment not sent to PayPal correctly
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...
CVE-2021-23941
...
CVE-2021-23941
CVE-2021-23941: This CVE entry is rejected/not used and does not represent an active vulnerability.