
3714 matches found

NVD
added 2025/10/10 5:15 p.m., 2 views

CVE-2025-61689

HTTP.jl is an HTTP client and server functionality for the Julia programming language. Prior to version 1.10.19, HTTP.jl did not validate header names/values for illegal characters, allowing CRLF-based header injection and response splitting. This enables HTTP response splitting and header...

CVSS 9.2, EPSS 0.00311
Exploits: 0, References: 2

Tenable Nessus
added 2025/10/10 12:0 a.m., 4 views

Array Networks ArrayOS <= 9.4.0.481 RCE (CVE-2023-28461)

The version of Array Networks ArrayOS running on the remote device is 9.4.0.481 or prior. It is, therefore, affected by a remote code execution vulnerability. Unauthenticated attackers could execute remote code by exploiting a specific attribute in an HTTP header, enabling them to browse the...

CVSS 9.8, AI score 9.6, EPSS 0.67645
Exploits: 0, References: 2

Tenable Nessus
added 2025/10/10 12:0 a.m., 3 views

RockyLinux 9 : opentelemetry-collector (RLSA-2025:15887)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2025:15887 advisory. net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 Tenable has extracted the preceding description block directly from th...

CVSS 6.8, AI score 6.5, EPSS 0.0056
Exploits: 0, References: 3

RedhatCVE
added 2025/10/09 7:9 a.m., 7 views

CVE-2025-11441

A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is possible to be carrie...

CVSS 6.3, AI score 7, EPSS 0.00626
Exploits: 1, References: 1

SUSE CVE
added 2025/10/08 11:22 p.m., 0 views

SUSE CVE-2025-58186

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...

CVSS 5.3, AI score 7, EPSS 0.005
Exploits: 0, References: 13

OSV
added 2025/10/08 7:15 a.m., 2 views

CVE-2025-11441

A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is possible to be carrie...

CVSS 6.3, AI score 7.1
Exploits: 0, References: 5

Cvelist
added 2025/10/08 7:2 a.m., 9 views

CVE-2025-11441 JhumanJ OpnForm HTTP Header excessive authentication

A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is possible to be carrie...

CVSS 6.3, EPSS 0.00626
Exploits: 1, References: 5

CVE
added 2025/10/08 7:2 a.m., 12 views

CVE-2025-11441

The CVE-2025-11441 entry affects JhumanJ OpnForm (up to v1.9.3). The vulnerability lies in the HTTP Header Handler component, where manipulating the X-Forwarded-For parameter can lead to improper restriction of excessive authentication attempts. Impact is remote, with network attack vector, high ...

CVSS 6.3, AI score 6.5, EPSS 0.00626
Exploits: 1, References: 5, Affected Software: 1

CNNVD
added 2025/10/08 12:0 a.m., 2 views

OpnForm Security Vulnerability

OpnForm is a form builder by Julien Nahum Personal Developer. A security vulnerability exists in OpnForm 1.9.3 and earlier versions, which stems from improper manipulation of the parameter X-Forwarded-For in the HTTP Header Handler component, which may result in improperly limiting excessive...

CVSS 6.3, AI score 4.8, EPSS 0.00626
Exploits: 1, References: 5

Positive Technologies
added 2025/10/08 12:0 a.m., 4 views

PT-2025-41236

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A security issue exists in JhumanJ OpnForm related to improper restriction of excessive authentication attempts. The issue is located within the HTTP Header Handler component and involves...

CVSS 6.3, AI score 4.3, EPSS 0.00626
Exploits: 1, References: 10

RedhatCVE
added 2025/10/07 6:9 a.m., 18 views

CVE-2025-11284

A vulnerability has been found in Zytec Dalian Zhuoyun Technology Central Authentication Service 3. Affected by this vulnerability is an unknown functionality of the file /index.php/auth/Ops/git of the component HTTP Header Handler. The manipulation of the argument Authorization leads to use of...

CVSS 7.5, AI score 6.6, EPSS 0.00446
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-25434

Malware in sbrugna...

CVSS 5.4, AI score 5.6, EPSS 0.00381
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 11 views

EUVD-2011-3304

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.02042
Exploits: 1, References: 6

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2006-2163

Malware in sbrugna...

CVSS 5, AI score 8.9, EPSS 0.04728
Exploits: 0, References: 18

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-24441

Malware in sbrugna...

CVSS 5.3, AI score 5.4, EPSS 0.01449
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2021-10786

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.00495
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-7571

Malware in sbrugna...

CVSS 6.5, AI score 6.6, EPSS 0.00592
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-7570

Malware in sbrugna...

CVSS 6.5, AI score 6.6, EPSS 0.00592
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2015-2037

Malware in sbrugna...

CVSS 5, AI score 6, EPSS 0.02107
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2013-0298

Malware in sbrugna...

CVSS 6.8, AI score 6, EPSS 0.0286
Exploits: 1, References: 12