16552 matches found
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the audit logging process. An attacker can obtain sensitive information by accessing improperly redacted HTTP request bodies recorded in audit logs. This may expose short-lived...
HTTP Request Smuggling
ASP.NET Core is vulnerable to HTTP Request Smuggling.The vulnerability is due to inconsistent interpretation of HTTP requests between front-end and back-end components, which allows an authorized attacker to bypass security features over a network...
CVE-2025-60335
A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866B20220506 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
EUVD-2025-35363
A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-823G A1 v1.0.2B05 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
TencentOS Server 3: php:8.2 (TSSA-2025:0824)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0824 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2025-60336
A NULL pointer dereference in the sub41773C function of TOTOLINK N600R v4.3.0cu.7866B20220506 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : .NET vulnerabilities (USN-7822-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7822-1 advisory. It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could...
USN-7822-1: .NET vulnerabilities
It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. CVE-2025-55247 It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker...
dotnet: .NET Security Feature Bypass Vulnerability
A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended...
dotnet: .NET Security Feature Bypass Vulnerability
A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.Server.Kestrel.Core is a core components of ASP.NET Core Kestrel cross-platform web server. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunked HTTP requests. An attacker can bypass security restrictions and...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.linux-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.linux-musl-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunke...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunke...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.win-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.win-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunke...
HTTP Request Smuggling
Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of...