FreeBSD : zeek -- potential DoS vulnerability (e665f0a2-fe6d-44b0-ba9e-d383f055a8a3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e665f0a2-fe6d-44b0-ba9e-d383f055a8a3 advisory. Wojtulewicz of Corelight reports: A specially-crafted series of MIME headers sent via SMTP or HTTP coul...

zeek -- potential DoS vulnerability

Wojtulewicz of Corelight reports: A specially-crafted series of MIME headers sent via SMTP or HTTP could cause Zeek to use large amounts of memory and potentially crash...

CVE-2026-42037

A flaw was found in Axios, an HTTP client for Node.js. A remote attacker, by controlling the type property of a file-like object, could inject arbitrary MIME part headers into multipart form data. This vulnerability arises from insufficient sanitization of carriage return and line feed CRLF...

Axios 注入漏洞

Axios is an open-source HTTP client developed by Axios. Versions of Axios from 1.0.0 to 1.15.1 had a injection vulnerability. This vulnerability stemmed from the FormDataPart constructor function, which directly inserted the value.type into the Content-Type header without clearing the CRLF...

CVE-2026-27443

SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an attacker to control trusted headers...

PT-2026-22889

SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an attacker to control trusted headers...

zeek -- potential DoS vulnerability

Tim Wojtulewicz of Corelight reports: Zeek's HTTP analyzer can be tricked into interpreting Transfer-Encoding or Content-Length headers set in MIME entities within HTTP bodies and change the analyzer behavior...

CVE-2025-20360

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of the HTTP header are...

CVE-2025-20359 Multiple Cisco Products Snort 3 MIME Information Disclosure or Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in the logic of buffer...

CVE-2025-20359 Multiple Cisco Products Snort 3 MIME Information Disclosure or Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in the logic of buffer...

EUVD-2019-2747

Malware in sbrugna...

EUVD-1999-0907

Malware in sbrugna...

EUVD-1999-1180

Malware in sbrugna...

EUVD-1999-0906

Malware in sbrugna...

EUVD-2006-2160

Malware in sbrugna...

EUVD-2000-0195

Malware in sbrugna...

EUVD-2023-28551

Malicious code in bioql PyPI...

Apache James MIME4J 输入验证错误漏洞

Apache James MIME4J is a library of the American Apache Apache Foundation. It can be used to parse e-mail message streams in pure rfc822 and MIME formats and construct tree representations of e-mail messages. An input validation error vulnerability exists in Apache James MIME4J 0.8.9 and earlier...

golang: net/http, net/textproto: denial of service from excessive memory allocation

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service...

Denial Of Service (DoS)

github.com/golang/go is vulnerable to Denial of Service DoS attacks. Unusual patterns of input data cause the upcomingHeaderNewlines function to parse HTTP and MIME headers which allocates more memory than required, causing the application to crash via memory exhaustion...