29 matches found
CVE-2010-0101
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service operating system halt via a malformed HTTP Authorization header...
CVE-2020-12624
The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions...
EUVD-2018-0131
Malware in sbrugna...
EUVD-2013-3030
Malware in sbrugna...
EUVD-2002-0561
Malware in sbrugna...
CVE-2025-54956
The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request...
CVE-2019-19703
In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location...
SUSE-SU-2025:1519-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing content bsc1240750 - CVE-2025-32050: Fixed Integer overflow in appendparamquoted bsc1240752 - CVE-2025-32052: Fixed heap buffer overflow in sniffunknown...
SUSE-SU-2025:1510-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 - CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 - CVE-2025-32051: Fixed segmentation fault when parsing malformed dat...
Pandora Security Breach
Pandora is an analytics framework for discovering if a file is suspicious and displaying the results conveniently. A security vulnerability exists in Pandora FMS versions prior to 700 to 777 that stems from the presence of SQL injection, which results in the exploitation of the HTTP Request...
Fedora 36 : apptainer (2023-677d58bb20)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-677d58bb20 advisory. Update to upstream 1.1.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...
SUSE-SU-2022:1819-1 Security update for python-requests
This update for python-requests fixes the following issues: - CVE-2018-18074: Fixed to prevent the package to send an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect. bsc1111622...
SUSE SLES15 Security Update : python-requests (SUSE-SU-2022:1448-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1448-1 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-ht...
SUSE-SU-2022:1448-1 Security update for python-requests
This update for python-requests fixes the following issues: - CVE-2018-18074: Fixed sending an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect bsc1111622...
GHSA-XWGQ-PCQX-HPMV URL Redirection to Untrusted Site (Open Redirect) in Ktor
In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location...
CVE-2019-19703
In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location...
Security update for python-requests (moderate)
openSUSE Security Update: Security update for python-requests Announcement ID: openSUSE-SU-2019:1754-1 Rating: moderate References: 1111622 Cross-References: CVE-2018-18074 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
SUSE-SU-2019:1487-2 Security update for python-requests
This update for python-requests to version 2.20.1 fixes the following issues: Security issue fixed: - CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header bsc1111622...
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network...
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network...