Lucene search
K

154 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/21 12:0 a.m.7 views

Fedora 43 : cpp-httplib (2026-c2049f7220)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c2049f7220 advisory. Update to 0.37.0 rhbz2441656 - Fixes Denial of Service via crafted HTTP POST request CVE-2026-29076, rhbz2445663 Update to 0.35.0 - Payload size lim...

7.5CVSS6AI score0.00602EPSS
Exploits4References5
Cvelist
Cvelist
added 2026/03/04 7:36 p.m.34 views

CVE-2026-28435 Payload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplib

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

7.5CVSS0.00418EPSS
Exploits1References2
OSV
OSV
added 2026/03/04 7:36 p.m.4 views

CVE-2026-28435 Payload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplib

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

7.5CVSS5.6AI score0.00418EPSS
Exploits1References4
Fedora
Fedora
added 2025/11/17 2:59 a.m.15 views

[SECURITY] Fedora 42 Update: suricata-7.0.13-1.fc42

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC and SCALANCE Integer Overflow to Buffer Overflow (CVE-2025-0725)

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. This plugin only works with Tenable.ot. Please...

7.3CVSS6.8AI score0.01218EPSS
Exploits1References5
Fedora
Fedora
added 2025/10/25 9:19 p.m.7 views

[SECURITY] Fedora 43 Update: suricata-7.0.12-1.fc43

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5CVSS6.9AI score0.00344EPSS
Exploits0
Fedora
Fedora
added 2025/10/19 2:39 a.m.6 views

[SECURITY] Fedora 42 Update: suricata-7.0.12-1.fc42

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5CVSS6.9AI score0.00344EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: curl (UTSA-2025-987462)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987462 advisory. When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, a...

7.3CVSS6.7AI score0.01218EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-1837

Malicious code in bioql PyPI...

7.3CVSS6.2AI score0.01218EPSS
Exploits1References9
Fedora
Fedora
added 2025/08/21 12:55 a.m.6 views

[SECURITY] Fedora 42 Update: suricata-7.0.11-1.fc42

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5CVSS6.9AI score0.00432EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/08/01 5:42 p.m.3 views

jetty-server: Jetty: Gzip Request Body Buffer Corruption

A flaw was found in Eclipse Jetty. This vulnerability allows corrupted and inadvertent data sharing between requests via a gzip error when inflating a request body. If the request body is malformed, the gzip decompression process can fail, resulting in the application inadvertently using data fro...

7.2CVSS7.1AI score0.00453EPSS
Exploits0References6
F5 Networks
F5 Networks
added 2025/05/14 6:19 a.m.15 views

K000151312: cURL vulnerability CVE-2025-0725

Security Advisory Description When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. CVE-2025-0725...

7.3CVSS6.7AI score0.01218EPSS
Exploits1
OpenVAS
OpenVAS
added 2025/05/13 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2025-1502)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.5AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/12 12:0 a.m.5 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2025-1502)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option,using zlib...

7.3CVSS6.8AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/12 12:0 a.m.6 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2025-1503)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option,using zlib...

7.3CVSS6.8AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.9 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1408)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

7.3CVSS6.8AI score0.01218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.13 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1407)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

7.3CVSS6.8AI score0.01218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.15 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1350)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the...

7.3CVSS6.9AI score0.01378EPSS
Exploits3References4
Fedora
Fedora
added 2025/04/03 1:37 a.m.18 views

[SECURITY] Fedora 41 Update: suricata-7.0.10-1.fc41

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5CVSS7.2AI score0.00241EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.12 views

EulerOS 2.0 SP13 : curl (EulerOS-SA-2025-1330)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

7.3CVSS6.8AI score0.01218EPSS
Exploits2References3
Rows per page
Query Builder