2469 matches found

Positive Technologies
added 2025/04/14 12:0 a.m. · 2 views

PT-2025-16269 · Ibm · Ibm Aspera Console

Name of the Vulnerable Software and Affected Versions: IBM Aspera Console versions 3.4.0 through 3.4.4 Description: The issue could disclose sensitive information in HTTP headers, which could be used in further attacks against the system. Recommendations: For IBM Aspera Console versions 3.4.0...

5.3 CVSS · 3.7 AI score · 0.00276 EPSS
Exploits 0 · References 6
Snyk
added 2025/04/08 4:0 p.m. · 3 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.win-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...

8.7 CVSS · 6.9 AI score · 0.09556 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2025/04/04 12:0 a.m. · 10 views

Azure Linux 3.0 Security Update: php (CVE-2025-1734)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1734 advisory. - In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when...

6.3 CVSS · 6.3 AI score · 0.00757 EPSS
Exploits 0 · References 2
NVD
added 2025/04/02 4:17 p.m. · 12 views

CVE-2025-0154

IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers...

7.5 CVSS · 0.00229 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/04/02 3:15 p.m. · 7 views

CVE-2025-0154 IBM TXSeries for Multiplatforms information disclosure

IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers...

5.3 CVSS · 6.6 AI score · 0.00229 EPSS
Exploits 0 · References 1
CVE
added 2025/04/02 3:15 p.m. · 57 views

CVE-2025-0154

IBM TXSeries for Multiplatforms (versions 9.1 and 11.1) is affected by CVE-2025-0154 due to improper neutralization of HTTP headers, which could disclose sensitive information to a remote attacker. The issue is documented across multiple sources (NVD entry and IBM security bulletin) indicating th...

7.5 CVSS · 6.6 AI score · 0.00229 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2025/04/02 3:15 p.m. · 14 views

CVE-2025-0154 IBM TXSeries for Multiplatforms information disclosure

IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers...

5.3 CVSS · 0.00229 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/04/02 12:0 a.m. · 2 views

PT-2025-14509 · Ibm · Ibm Txseries For Multiplatforms

Name of the Vulnerable Software and Affected Versions: IBM TXSeries for Multiplatforms versions 9.1 through 11.1 Description: The issue could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers. Recommendations: For versions 9.1 and 11.1, update to a...

7.5 CVSS · 5.9 AI score · 0.00229 EPSS
Exploits 0 · References 8
Debian CVE
added 2025/03/30 5:43 a.m. · 23 views

CVE-2025-1734

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...

6.3 CVSS · 6.1 AI score · 0.00757 EPSS
Exploits 0
AlpineLinux
added 2025/03/30 5:43 a.m. · 14 views

CVE-2025-1734

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...

6.3 CVSS · 6.3 AI score · 0.00757 EPSS
Exploits 0
Cvelist
added 2025/03/29 5:19 a.m. · 20 views

CVE-2025-1217 Header parser of http stream wrapper does not handle folded headers

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME...

6.3 CVSS · 0.00213 EPSS
Exploits 1 · References 1
CVE
added 2025/03/29 5:19 a.m. · 880 views

CVE-2025-1217

CVE-2025-1217 affects PHP’s http stream wrapper: folded headers parsed incorrectly during HTTP response handling, which may cause misinterpretation of headers and MIME types. Public advisories reference fixes in PHP 8.1.x up to 8.1.32, 8.2.x up to 8.2.28, 8.3.x up to 8.3.19, and 8.4.x up to 8.4.5...

6.3 CVSS · 6.2 AI score · 0.00213 EPSS
Exploits 1 · References 3 · Affected Software 1
Redos
added 2025/03/26 12:0 a.m. · 5 views

ROS-20250326-06

A vulnerability in the Twisted Web component of the Twisted networking framework is related to insufficient input data validation when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

9.8 CVSS · 7 AI score · 0.02327 EPSS
Exploits 2
GithubExploit
added 2025/03/23 8:11 a.m. · 86 views

Exploit for CVE-2025-29927

nextjs-CVE-2025-29927 A Nuclei template to detect CVE-2025-299...

9.1 CVSS · 7.3 AI score · 0.92118 EPSS
Exploits 55
OSV
added 2025/03/14 12:0 a.m. · 1 views

UBUNTU-CVE-2025-1734

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...

6.3 CVSS · 6.6 AI score · 0.00757 EPSS
Exploits 0 · References 6
OSV
added 2025/03/14 12:0 a.m. · 0 views

UBUNTU-CVE-2025-1736

In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3 CVSS · 6.7 AI score · 0.00546 EPSS
Exploits 0 · References 6
OSV
added 2025/03/09 1:15 p.m. · 4 views

CVE-2025-27636

Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS an...

5.6 CVSS · 6.8 AI score · 0.5206 EPSS
Exploits 3 · References 6
SUSE Linux
added 2025/03/07 3:31 p.m. · 2 views

Security update for pcr-oracle, shim

This update for pcr-oracle, shim fixes the following issues: pcr-oracle: predict SbatLevelRT for the next boot bsc1230316 shim was updated to version 15.8: Update shim-install to use the 'removable' way for encrypted SL-Micro images bsc1230316 Always use the removable way for SL-Micro Limit the...

7.1 CVSS · 7.5 AI score · 0.03784 EPSS
Exploits 0 · References 26
Tenable Nessus
added 2025/03/05 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-42330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. The problem is that the returned strings are created...

9.1 CVSS · 8.2 AI score · 0.0023 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2025/03/05 12:0 a.m. · 12 views

Linux Distros Unpatched Vulnerability : CVE-2024-34750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not...

7.5 CVSS · 6.8 AI score · 0.21539 EPSS
Exploits 0 · References 3