21 matches found
CVE-2026-32731
creationtimestamp| type| source ---|---|--- 2026-03-18 17:17:17+00:00| published-proof-of-concept| https://github.com/apostrophecms/apostrophe/security/advisories/GHSA-mwxc-m426-3f78 2026-03-18 23:20:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhemsomimm2u 2026-03-19...
Linux Distros Unpatched Vulnerability : CVE-2023-32731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be...
MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2176 MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting XSS vulnerability July 28, 2025 CVE Number CVE-2025-32731 SUMMARY A reflected cross-site scripting xss vulnerability exists in the radiationDoseReport.php functionality of...
Important: Red Hat Security Advisory: rhc-worker-playbook security update
An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Security Bulletin: IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436
Summary IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC...
CVE-2024-32731 Missing Authorization check in SAP My Travel Requests
SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...
CVE-2024-32731 Missing Authorization check in SAP My Travel Requests
SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...
CVE-2024-32731
SAP My Travel Requests contains a privilege-escalation vulnerability due to missing authorization checks for authenticated users. Exploitation could allow an attacker to upload a malicious attachment to a business trip request, with low impact on confidentiality, integrity and availability as des...
openSUSE Security Advisory (SUSE-SU-2024:0573-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BELL-CVE-2023-32731
Bulletin has no description...
Security Bulletin: gRPC component is vulnerable to CVE-2023-32731 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses gRPC package which is vulnerable to CVE-2023-32731. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By...
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.11 and earlier
Summary This fix upgrades to grpc 1.55.1, jersey 2.39.1, jackson 2.15.2, and socket.io 4.6.2. Vulnerability Details CVEID:CVE-2023-31125 DESCRIPTION: Engine.IO is vulnerable to a denial of service, caused by an uncaught exception. By sending a specially crafted HTTP request, a remote authenticate...
CVE-2023-32731
creationtimestamp| type| source ---|---|--- 2023-06-09 14:21:41+00:00| published-proof-of-concept| https://t.me/cibsecurity/65098...
CVE-2023-32731 vulnerabilities
Vulnerabilities for packages: wavefront-proxy...
CVE-2023-32731 vulnerabilities
Vulnerabilities for packages: wavefront-proxy...
CVE-2023-32731
CVE-2023-32731 involves a vulnerability in the gRPC HTTP/2 HPACK handling. When the HPACK header size exceeded error is raised, the stack skips parsing the remainder of the HPACK frame, causing HPACK table mutations to be ignored and desynchronizing the HPACK tables between sender and receiver. T...
CVE-2022-32731
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...
CVE-2022-32731
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...
CVE-2021-32731
creationtimestamp| type| source ---|---|--- 2021-07-01 22:31:19+00:00| seen| https://t.me/cibsecurity/25877...
CVE-2021-32731
CVE-2021-32731 affects XWiki Platform; between versions 13.1RC1 and 13.1, the reset-password form exposes the user’s email address when a username is supplied. The issue is resolved in version 13.2RC1; as a workaround, the vulnerability can be mitigated by manually editing the resetpasswordinline...