CVE-2026-48480

The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.22.FInal, the codec-ohttp implementation of draft-ietf-ohai-chunked-ohttp does not verify that a cryptographically-signed final chunk was received before the outer HTTP body terminates. An on-path adversar...

EUVD-2022-3293

Malicious code in bioql PyPI...

OESA-2024-2209 squid security update

Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid ma...

OESA-2024-2060 squid security update

Squid is a high-performance proxy caching server. It handles all requests in a single, non-blocking, I/O-driven process and keeps meta data and implements negative caching of failed requests. Security Fixes: Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid ma...

DEBIAN-CVE-2022-41556

A resource leak in gwbackend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service connection-slot exhaustion after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of modfastcgi is, for example,...

Debian: Security Advisory (DSA-4607-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4607-1] openconnect security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4607-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 20, 2020 https://www.debian.org/security/faq -...

security issues addressed, most notably the mod_security heap overflow known as CVE-2014-0226 (important)

apache2: - ECC support was added to modssl - fix for a race condition in modstatus known as CVE-2014-0226 can lead to information disclosure; modstatus is not active by default, and is normally only open for connects from localhost. - fix for bug known as CVE-2014-0098 that can crash the apache...

Ubuntu: Security Advisory (USN-2100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS / 12.10 / 13.10 : pidgin vulnerabilities (USN-2100-1)

Thijs Alkemade and Robert Vehse discovered that Pidgin incorrectly handled the Yahoo! protocol. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. CVE-2012-6152 Jaime Breva Ribes discovered that Pidgin incorrectly handled the XMPP protocol. A remote...