72 matches found
undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-11332)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-11332 advisory. - A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency...
CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
UBUNTU-CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
EUVD-2026-34791
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
Linux Distros Unpatched Vulnerability : CVE-2026-46067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set...
CVE-2026-35277
Vulnerability in Oracle REST Data Services component: Core. Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks of this vulnerability can...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw in incorrect access control in the Linux kernel’s USB core subsystem was discovered in the way users attach USB devices. A local user could exploit this flaw to crash the system...
Oracle Identity Manager (April 2026 CPU)
The 14.1.2.1.0 version of Identity Manager installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory: - Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: Identity Console. Easily exploitable...
Oracle PeopleSoft Enterprise PeopleTools 安全漏洞
Oracle PeopleSoft Enterprise PeopleTools is a technology provided by Oracle Corporation for PeopleSoft applications, designed to keep up with user needs and expectations. Versions 8.61 to 8.62 of Oracle PeopleSoft Enterprise PeopleTools contain security vulnerabilities. These vulnerabilities stem...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-core (CVE-2025-41249)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-41249 of spring-core-6.2.6.jar. Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a...
EUVD-2021-26845
Malware in sbrugna...
EUVD-2022-6638
Malicious code in bioql PyPI...
EUVD-2021-7635
Malicious code in bioql PyPI...
EUVD-2022-34658
Malicious code in bioql PyPI...
EUVD-2022-3088
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-2864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.32 and...
Linux Distros Unpatched Vulnerability : CVE-2024-21141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.20. Easily...
Linux Distros Unpatched Vulnerability : CVE-2023-21991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior t...