BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).

...

Linux Distros Unpatched Vulnerability : CVE-2025-12105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2...

CVE-2025-12105

A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missin...

EUVD-2020-22517

Malware in sbrugna...

EUVD-2018-20109

Malware in sbrugna...

EUVD-2008-5071

Malware in sbrugna...

EUVD-2021-22783

Malware in sbrugna...

EUVD-2015-9383

Malware in sbrugna...

EUVD-2016-8021

Malware in sbrugna...

EUVD-2017-8619

Malware in sbrugna...

EUVD-2020-20700

Malware in sbrugna...

EUVD-2018-19032

Malware in sbrugna...

EUVD-2019-6929

Malware in sbrugna...

EUVD-2021-10772

Malware in sbrugna...

EUVD-2019-18889

Malware in sbrugna...

EUVD-2008-5072

Malware in sbrugna...

EUVD-2019-7816

Malware in sbrugna...

EUVD-2020-20701

Malware in sbrugna...

EUVD-2024-0747

Malicious code in bioql PyPI...

EUVD-2024-54189

Malicious code in bioql PyPI...