11193 matches found
EUVD-2024-29492
Malicious code in bioql PyPI...
EUVD-2023-1359
Malicious code in bioql PyPI...
EUVD-2022-32797
Malicious code in bioql PyPI...
EUVD-2023-37639
Malicious code in bioql PyPI...
EUVD-2024-54196
Malicious code in bioql PyPI...
EUVD-2025-25724
Malicious code in bioql PyPI...
EUVD-2023-2224
Malicious code in bioql PyPI...
EUVD-2022-27675
Malicious code in bioql PyPI...
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...
Squid Buffer Overflow Vulnerability (Sep 2025)
Squid is prone to a buffer overflow vulnerability as it mishandles ASN.1 encoding of long SNMP OIDs. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Probeless Vs Probe-Based Variable-Strength Eavesdropping in Quantum Key Distribution
Quantum key distribution QKD is a provably secure way of generating a secret key, which can later be used for encoding and decoding information. In this paper we analyze the effects of an eavesdropper's variable-strength measurements on QKD. Two types of measurements have been considered: i a...
SUSE CVE-2025-59362
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...
CVE-2025-59937
Go-mail (github.com/wneessen/go-mail) vulnerable in versions
CVE-2025-59937 go-mail has insufficient address encoding when passing mail addresses to the SMTP client
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
CVE-2025-59937 go-mail has insufficient address encoding when passing mail addresses to the SMTP client
go-mail is a comprehensive library for sending mails with Go. In versions 0.7.0 and below, due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, there is a possibility of wrong...
CVE-2025-23274
NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service...
go-mail has insufficient address encoding when passing mail addresses to the SMTP client
Impact Due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, this could lead to a possible wrong address routing or even to ESMTP parameter smuggling. Vulnerability details Instead ...
GHSA-WPWJ-69CM-Q9C5 go-mail has insufficient address encoding when passing mail addresses to the SMTP client
Impact Due to incorrect handling of the mail.Address values when a sender- or recipient address is passed to the corresponding MAIL FROM or RCPT TO commands of the SMTP client, this could lead to a possible wrong address routing or even to ESMTP parameter smuggling. Vulnerability details Instead ...