72 matches found

CNNVD
added 2025/12/23 12:0 a.m. | 3 views

CSZ CMS Cross-Site Scripting Vulnerability

CSZ CMS is an open source web application by the individual developer Cskaza Bassist that allows managing all content and settings on a website. A cross-site scripting vulnerability exists in CSZ CMS version 1.2.7, which stems from insufficient validation of message header inputs and could lead t...

5.4 CVSS | 6.2 AI score | 0.00244 EPSS
Exploits: 1 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-2543

Malware in sbrugna...

7.5 CVSS | 7.5 AI score | 0.01091 EPSS
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2002-0312

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.01793 EPSS
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2002-0282

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.12316 EPSS
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2016-10487

Malware in sbrugna...

5.3 CVSS | 5.5 AI score | 0.01275 EPSS
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-6254

Malicious code in bioql PyPI...

5.6 CVSS | 6.5 AI score | 0.79817 EPSS
Exploits: 4 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 14 views

EUVD-2022-43522

Malicious code in bioql PyPI...

7.5 CVSS | 5.8 AI score | 0.64686 EPSS
Exploits: 1 | References: 2

OpenVAS
added 2025/09/10 12:0 a.m. | 1 views

Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2025-2120)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

9 CVSS | 6.7 AI score | 0.00798 EPSS
Exploits: 0 | References: 2

OSV
added 2025/04/01 12:15 p.m. | 13 views

CVE-2025-30177

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

6.5 CVSS | 6.4 AI score | 0.79817 EPSS
Exploits: 4 | References: 3

CVE
added 2025/04/01 11:56 a.m. | 84 views

CVE-2025-30177

Apache Camel vulnerability CVE-2025-30177 affects Camel-Undertow in Camel versions 4.10.0–4.10.3 and 4.8.0–4.8.6, where the DefaultHeaderFilterStrategy is insufficiently filtering incoming headers. The issue allows Camel-specific headers to bypass the header filter (notably in the Camel-Undertow ...

6.5 CVSS | 7.1 AI score | 0.00878 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2025/04/01 11:56 a.m. | 41 views

CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

0.00878 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2025/04/01 11:56 a.m. | 11 views

CVE-2025-30177 Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow...

7.1 AI score | 0.00878 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2025/03/18 12:0 a.m. | 20 views

Apache Camel 3.10.0 < 3.22.4 / 4.8.x < 4.8.5 / 4.10.x < 4.10.2 Message Header Injection (CVE-2025-27636)

The version of Apache Camel on the remote host is 3.10.0 prior to 3.22.4, 4.8.x prior to 4.8.5, or 4.10.x prior to 4.10.2. It is, therefore, affected by a message header injection vulnerability: - Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue...

5.6 CVSS | 7.1 AI score | 0.79817 EPSS
Exploits: 3 | References: 2

Cvelist
added 2025/03/12 2:42 p.m. | 16 views

CVE-2025-29891 Apache Camel: Camel Message Header Injection through request parameters

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...

0.71805 EPSS
Exploits: 2 | References: 2

Vulnrichment
added 2025/03/12 2:42 p.m. | 29 views

CVE-2025-29891 Apache Camel: Camel Message Header Injection through request parameters

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...

5.2 AI score | 0.71805 EPSS
Exploits: 2 | References: 2

Cvelist
added 2025/03/09 12:9 p.m. | 29 views

CVE-2025-27636 Apache Camel: Camel Message Header Injection via Improper Filtering

Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS an...

0.79817 EPSS
Exploits: 3 | References: 3

OSV
added 2025/02/27 3:15 a.m. | 1 views

DEBIAN-CVE-2024-58019

In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue. A GSP event message consists of three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...

5.5 CVSS | 5.6 AI score | 0.00176 EPSS
Exploits: 0 | References: 1

OSV
added 2025/01/11 1:15 p.m. | 0 views

UBUNTU-CVE-2024-57791

In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data. When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should not be fully trusted as i...

7.5 CVSS | 6.2 AI score | 0.00737 EPSS
Exploits: 0 | References: 36

Prion
added 2021/11/18 4:15 p.m. | 19 views

Design/Logic Flaw

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.0.1, v2.3.0. It can easily break down as many orderers as the attacker wants. This bug can be leveraged by constructing a message whose header is invalid to the interface Order. This bug has been admitted and fixed by the...

5 CVSS | 7.4 AI score | 0.01091 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

CNVD
added 2021/11/04 12:0 a.m. | 22 views

Apache MINA Denial of Service Vulnerability

Apache MINA is a web application framework from the Apache Foundation. A denial-of-service vulnerability exists in Apache MINA, which is caused by improper handling of HTTP message header requests in Apache MINA. An attacker could exploit this vulnerability to potentially cause an infinite loop i...

6.5 CVSS | 1.4 AI score | 0.04332 EPSS
Exploits: 0 | References: 1