5 matches found
EUVD-2025-4010
Malicious code in bioql PyPI...
CVE-2016-10517
creationtimestamp| type| source ---|---|--- 2025-02-07 16:19:42+00:00| seen| https://t.me/cvedetector/17492 2025-02-13 23:11:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4357 2025-02-14 01:17:37+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4411 2025-02-14 10:09:23+00:00| seen|...
CVE-2025-25069 Apache Kvrocks: Cross-Protocol Scripting Vulnerability
A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be sent to Kvrocks as a valid RESP request and trigger some database operations, which can be dangerous when it is chained...
CVE-2016-10517
networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol but commonly occur when an attack triggers an HTTP request to the Redis TCP port...
CVE-2016-10517
CVE-2016-10517 describes a Cross Protocol Scripting vulnerability in Redis prior to 3.2.7. The issue arises in networking.c where Redis does not validate HTTP-like elements (POST and Host:) in data that can arrive on the Redis TCP port, allowing an HTTP-style request to be misinterpreted as a Red...