
43 matches found

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-3388

Malware in sbrugna...

CVSS 7 | AI score 7.9 | EPSS 0.10023
Exploits 0 | References 4

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-28054

Malicious code in bioql PyPI...

CVSS 5.7 | AI score 6.6 | EPSS 0.00518
Exploits 0 | References 1

Vulnrichment
added 2025/09/30 4:2 p.m., 1 view

CVE-2025-54477 Joomla! Core - [20250902] User-Enumeration in passkey authentication method

Improper handling of authentication requests leads to a user enumeration vector in the passkey authentication method...

AI score 6.6 | EPSS 0.00043
Exploits 0 | References 1

CNNVD
added 2025/07/25 12:0 a.m., 2 views

Gardyn 4 security vulnerability

Gardyn 4 is a home vertical hydroponic growing system from Gardyn USA. A security vulnerability exists in Gardyn 4 that stems from improper request handling and could lead to information disclosure and execution of arbitrary code...

CVSS 9.8 | AI score 6.2 | EPSS 0.01999
Exploits 2 | References 5

BDU FSTEC
added 2025/07/09 12:0 a.m., 1 view

The vulnerability of Websoft HCM’s automation software for HR processes lies in its inability to properly handle incoming requests, allowing attackers to disclose protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

CVSS 5.3 | AI score 5.4
Exploits 0 | References 2 | Affected Software 1

CNNVD
added 2025/06/17 12:0 a.m., 2 views

X.Org X Server security vulnerability

X.Org X Server is an X Window System display server from the X.Org Foundation. A security vulnerability exists in X.Org X Server that stems from improper request handling and could lead to a denial of service...

CVSS 5.5 | AI score 6.1 | EPSS 0.00229
Exploits 0 | References 5

CNNVD
added 2025/06/10 12:0 a.m., 2 views

OctoPrint security vulnerability

OctoPrint is an open source application from OctoPrint. It provides a fast web interface for controlling consumer 3D printers. A security vulnerability exists in OctoPrint 1.11.1 and earlier versions that stems from improper request handling and could lead to a denial of service...

CVSS 6.5 | AI score 6.2 | EPSS 0.00045
Exploits 0 | References 3

BDU FSTEC
added 2025/06/10 12:0 a.m., 1 view

The vulnerability of the Polarion ALM application lifecycle management software lies in its inability to properly handle incoming requests, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Polarion ALM application lifecycle management software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 5.3 | AI score 5.5 | EPSS 0.0017
Exploits 0 | References 2 | Affected Software 1

Veracode
added 2025/04/24 2:8 a.m., 12 views

Improper Request Handling

http-proxy-middleware is vulnerable to Improper Request Handling. The vulnerability is due to improper request handling caused by fixRequestBody executing even when bodyParser has failed, which allows attackers to smuggle malicious HTTP requests...

CVSS 5.3 | AI score 6.7 | EPSS 0.00062
Exploits 0 | References 5 | Affected Software 1

CNNVD
added 2025/04/16 12:0 a.m., 1 view

PCMan FTP Server security vulnerability

PCMan FTP Server is server software for the File Transfer Protocol (FTP). PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the failure of the DIR Command Handler module to properly handle a specific request. No detailed vulnerability details are provid...

CVSS 9.8 | AI score 7.3 | EPSS 0.00483
Exploits 1 | References 4

NVD
added 2025/04/10 2:15 p.m., 8 views

CVE-2025-32395

Vite is a frontend tooling framework for JavaScript. Prior to 6.2.6, 6.1.5, 6.0.15, 5.4.18, and 4.5.13, the contents of arbitrary files can be returned to the browser if the dev server is running on Node or Bun. HTTP 1.1 spec RFC 9112 does not allow in request-target. Although an attacker can sen...

CVSS 6 | EPSS 0.03166
Exploits 2 | References 2

BDU FSTEC
added 2025/04/10 12:0 a.m., 2 views

The vulnerability of the ocelot_ifh_set_basic() function in the ocelot.c component of the Linux operating system’s kernel allows a hacker to induce a service failure.

The vulnerability of the ocelot_ifh_set_basic() function in the ocelot.c component of the Linux operating system’s kernel is related to insufficient neutralization of certain elements in the request. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.5 | EPSS 0.00022
Exploits 0 | References 13 | Affected Software 5

Veracode
added 2025/03/28 4:40 a.m., 103 views

Unexpected Status Code Or Return Value

go-redis is vulnerable to Unexpected Status Code or Return Value. The vulnerability is due to improper request handling due to timeouts in the CLIENT SETINFO command during connection establishment, leading to incorrect command responses and potential data inconsistency...

CVSS 3.7 | AI score 7.3 | EPSS 0.00163
Exploits 0 | References 4 | Affected Software 1

Veracode
added 2025/02/18 6:6 a.m., 7 views

Regular Expression Denial Of Service (ReDoS)

@octokit/plugin-paginate-rest is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to improper handling of the link parameter in the headers section of the request, which allows a specially crafted input to exploit the regular expression logic and trigger a denial...

CVSS 5.3 | AI score 5.1 | EPSS 0.00068
Exploits 0 | References 4 | Affected Software 1

CNNVD
added 2024/12/29 12:0 a.m., 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper request handling in the RDMA/rxe module, resulting in a memory leak...

CVSS 5.5 | AI score 5.9 | EPSS 0.00021
Exploits 0 | References 3

Veracode
added 2024/12/12 12:17 p.m., 10 views

Server Side Request Forgery (SSRF)

@lobehub/chat is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to insufficient input validation and improper handling of requests, allowing attackers to craft requests that can target internal services, even without authentication...

CVSS 8.6 | AI score 7.1 | EPSS 0.03119
Exploits 1 | References 2 | Affected Software 1

Positive Technologies
added 2024/10/09 12:0 a.m., 2 views

PT-2024-23194 · Hcl · Hcl Connections

Name of the Vulnerable Software and Affected Versions: HCL Connections (affected versions not specified). Description: The issue is related to an information disclosure vulnerability. It could allow a user to obtain sensitive information they are not entitled to because of improperly handling the...

CVSS 5.7 | AI score 6.5 | EPSS 0.00518
Exploits 0 | References 6

BDU FSTEC
added 2024/08/30 12:0 a.m., 2 views

The vulnerability of the twisted.web network framework’s component, which allows a hacker to disclose protected information

The vulnerability of the twisted.web network framework’s component is related to improper handling of HTTP requests. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the framework...

CVSS 8.3 | AI score 7.5 | EPSS 0.00108
Exploits 0 | References 9 | Affected Software 5

Veracode
added 2024/07/25 8:20 a.m., 8 views

Server-Side Request Forgery (SSRF)

github.com/gotenberg/gotenberg/v8 is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to improper handling of requests made to the /convert/html endpoint, allowing attackers to exploit local file inclusion by referencing localhost files such as...

CVSS 8.2 | AI score 7 | EPSS 0.00122
Exploits 0 | References 3 | Affected Software 1

Vulnrichment
added 2023/12/15 10:42 p.m., 11 views

CVE-2023-28022 HCL Connections is vulnerable to sensitive information disclosure

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data...

CVSS 3.5 | AI score 6.2 | EPSS 0.00401
Exploits 0 | References 1