201 matches found

EUVD
added 2026/01/15 7:24 p.m., 3 views

EUVD-2026-2737

H3 is a minimal HTTP framework built for high performance and portability. Prior to 1.15.5, there is a critical HTTP Request Smuggling vulnerability. readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this heade...

CVSS: 8.9 | AI score: 6.3 | EPSS: 0.00576
Exploits: 1 | References: 4

ATTACKERKB
added 2026/01/15 7:24 p.m., 5 views

CVE-2026-23527

H3 is a minimal HTTP framework built for high performance and portability. Prior to 1.15.5, there is a critical HTTP Request Smuggling vulnerability. readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this heade...

CVSS: 9.8 | AI score: 5.6 | EPSS: 0.00576
Exploits: 1 | References: 3 | Affected Software: 1

CNNVD
added 2026/01/15 12:00 a.m., 5 views

H3 Environmental Issues and Vulnerabilities

H3 is an open-source HTTP framework developed by H3. Versions prior to H3 1.15.5 contained an environmental issue vulnerability. This vulnerability stemmed from the strict case-sensitive handling of the Transfer-Encoding header, which could lead to HTTP request payload attacks...

CVSS: 9.8 | AI score: 5.8 | EPSS: 0.00576
Exploits: 1 | References: 2

RedhatCVE
added 2026/01/09 11:28 a.m., 6 views

CVE-2021-27671

An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing for example Data: to be used in an attack...

CVSS: 6.1 | AI score: 6 | EPSS: 0.00686
Exploits: 0 | References: 1

Snyk
added 2025/10/16 7:51 a.m., 1 view

Malicious Package

Overview case-sensitive-paths is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS: 9.8 | AI score: 6.8
Exploits: 0 | References: 3

Tenable Nessus
added 2025/10/15 12:00 a.m., 2 views

Cursor < 1.7 RCE (GHSA-xcwh-rrwj-gxc7)

The version of Cursor installed on the remote host is prior to 1.7. It is, therefore, affected by a remote code execution vulnerability. Versions 1.6.23 and below contain case-sensitive checks in the way Cursor IDE protects its sensitive files e.g., /.cursor/mcp.json, which allows attackers to...

CVSS: 9.8 | AI score: 6.3 | EPSS: 0.00337
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2005-2772

Malware in sbrugna...

CVSS: 10 | AI score: 6.4 | EPSS: 0.04846
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2021-1936

Malware in sbrugna...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.00686
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2007-4673

Malware in sbrugna...

CVSS: 10 | AI score: 6.4 | EPSS: 0.02105
Exploits: 1 | References: 9

EUVD
added 2025/10/03 8:15 p.m., 5 views

EUVD-2025-32373

Cursor is a code editor built for programming with AI. Versions 1.6.23 and below contain case-sensitive checks in the way Cursor IDE protects its sensitive files e.g., /.cursor/mcp.json, which allows attackers to modify the content of these files through prompt injection and achieve remote code...

CVSS: 8 | AI score: 7.7 | EPSS: 0.00337
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2023-39928

Malicious code in bioql PyPI...

CVSS: 8.2 | AI score: 6.7 | EPSS: 0.00598
Exploits: 1 | References: 1

EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2023-0634

Malicious code in bioql PyPI...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.00946
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:07 p.m., 6 views

EUVD-2024-3490

Malicious code in bioql PyPI...

CVSS: 3.7 | AI score: 6.3 | EPSS: 0.00376
Exploits: 0 | References: 3

CNNVD
added 2025/10/03 12:00 a.m., 4 views

Cursor Security Vulnerability

Cursor is an AI code editor from Cursor Open Source. A security vulnerability exists in Cursor 1.6.23 and earlier versions, which stems from insufficient case-sensitive checking and could lead to remote code execution...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.00337
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2025/08/29 6:55 p.m., 3 views

Malicious code in case-sensitive-paths (npm)

The package case-sensitive-paths was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

AI score: 7
Exploits: 0 | References: 2

OSV
added 2025/08/29 6:55 p.m., 2 views

MAL-2025-41953 Malicious code in case-sensitive-paths (npm)

The package case-sensitive-paths was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

AI score: 7
Exploits: 0 | References: 2

OSV
added 2025/08/01 1:03 p.m., 7 views

OESA-2025-1938 python-Flask-Cors security update

A Flask extension for handling Cross Origin Resource Sharing CORS, making cross-origin AJAX possible. Security Fixes: corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.00652
Exploits: 3 | References: 4

OSV
added 2025/07/02 4:59 a.m., 6 views

USN-7612-1 python-flask-cors vulnerabilities

It was discovered that Flask-CORS did not correctly handle certain regular expressions. A remote attacker could possibly use this issue to leak sensitive information or bypass authentication mechanisms. CVE-2024-6839 It was discovered that Flask-CORS allowed certain CORS headers to be enabled by...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.00677
Exploits: 5 | References: 6

CNNVD
added 2025/05/29 12:00 a.m., 6 views

Apache Tomcat Security Vulnerability

Apache Tomcat is a lightweight web application server from the Apache Foundation (United States), used to implement Servlet and JavaServer Pages (JSP) support. A security bypass vulnerability exists in Apache Tomcat due to improper handling of a case-sensitive vulnerability in the GCI servle...

CVSS: 7.3 | AI score: 6.5 | EPSS: 0.02608
Exploits: 1 | References: 3

GitHub Security Blog
added 2025/05/16 9:32 p.m., 20 views

Spring Framework DataBinder Case Sensitive Match Exception

CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: 6.2...

CVSS: 5.3 | AI score: 6.8 | EPSS: 0.00631
Exploits: 1 | References: 6 | Affected Software: 1