
18 matches found

Cvelist
added 2026/05/28 6:27 p.m. | 32 views

CVE-2026-47330 Use of uninitialized value in Ubuntu Linux AppArmor notification handling

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

CVSS 3.3 | EPSS 0.00019
Exploits: 0 | References: 1
OSV
added 2026/04/30 6:10 p.m. | 1 view

GHSA-83HF-93M4-RGWQ Hickory DNS's Record Cache Accepts AUTHORITY-Section NS from Sibling Zone via Parent-Pool Zone-Context Elevation

Summary: The Hickory DNS project's experimental hickory-recursor crate's record cache DnsLru stores records from DNS responses keyed by each record's own name, type, not by the query that triggered the response. cacheresponse in crates/recursor/src/lib.rs chains ANSWER, AUTHORITY, and ADDITIONAL...

CVSS 8.7 | AI score 5.8
Exploits: 0 | References: 2
Github Security Blog
added 2026/04/30 6:10 p.m. | 8 views

Hickory DNS's Record Cache Accepts AUTHORITY-Section NS from Sibling Zone via Parent-Pool Zone-Context Elevation

Summary: The Hickory DNS project's experimental hickory-recursor crate's record cache DnsLru stores records from DNS responses keyed by each record's own name, type, not by the query that triggered the response. cacheresponse in crates/recursor/src/lib.rs chains ANSWER, AUTHORITY, and ADDITIONAL...

AI score 5.3
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2026/04/22 12:00 p.m. | 2 views

RUSTSEC-2026-0106 Record cache accepts AUTHORITY section NS from sibling zone via parent-pool zone-context elevation

The Hickory DNS project's experimental hickory-recursor crate's record cache DnsLru stores records from DNS responses keyed by each record's own name, type, not by the query that triggered the response. cacheresponse in crates/recursor/src/lib.rs chains ANSWER, AUTHORITY, and ADDITIONAL sections...

AI score 5.7
Exploits: 0 | References: 3
Github Security Blog
added 2026/02/09 5:19 p.m. | 6 views

Litestar's FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD)

Summary: FileStore maps cache keys to filenames using Unicode NFKD normalization and ord substitution without separators, creating key collisions. When FileStore is used as response-cache backend, an unauthenticated remote attacker can trigger cache key collisions via crafted paths, causing one UR...

CVSS 6.5 | AI score 5.7 | EPSS 0.00021
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2026/02/09 5:19 p.m. | 4 views

GHSA-VXQX-RH46-Q2PG Litestar's FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD)

Summary: FileStore maps cache keys to filenames using Unicode NFKD normalization and ord substitution without separators, creating key collisions. When FileStore is used as response-cache backend, an unauthenticated remote attacker can trigger cache key collisions via crafted paths, causing one UR...

CVSS 6.5 | AI score 5.7 | EPSS 0.00021
Exploits: 1 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-0351

Malware in sbrugna...

CVSS 4.3 | AI score 4.5 | EPSS 0.00374
Exploits: 0 | References: 11
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-29435

Malware in sbrugna...

CVSS 5.5 | AI score 5.6 | EPSS 0.0018
Exploits: 0 | References: 2
Microsoft CVE
added 2024/05/03 7:00 a.m. | 3 views

Coredns: cd bit response is cached and served later

...

CVSS 5.3 | AI score 6.3 | EPSS 0.00212
Exploits: 0
Amazon
added 2024/04/02 12:00 a.m. | 3 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no know...

CVSS 9.8 | AI score 8.3 | EPSS 0.19868
Exploits: 2
Snyk
added 2023/10/12 12:00 a.m. | 1 view

Improper Preservation of Consistency Between Independent Representations of Shared State

Overview: johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Improper Preservation of Consistency Between Independent Representations of Shared State due to the improper handling of the X-HTTP-Method-Override...

CVSS 6.9 | AI score 6.8
Exploits: 0 | References: 2
Tenable Nessus
added 2023/06/30 12:00 a.m. | 24 views

Debian DSA-5442-1 : flask - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5442 advisory. It was discovered that in some conditions the Flask web framework may disclose a session cookie. For the oldstable distribution bullseye, this problem has been fixed in...

CVSS 7.5 | AI score 7.5 | EPSS 0.00215
Exploits: 1 | References: 5
CNNVD
added 2023/05/02 12:00 a.m. | 3 views

Flask Security Vulnerability

Pallets Project Flask is a lightweight WSGI (Web Server Gateway Interface) application framework from the Pallets Project. A security vulnerability exists in Flask where a data response for one client may be cached and later sent by a proxy to other clients...

CVSS 7.5 | AI score 7.6 | EPSS 0.00215
Exploits: 1 | References: 15
Kitploit
added 2023/04/18 12:30 p.m. | 34 views

Wa-Tunnel - Tunneling Internet Traffic Over Whatsapp

This is a Baileys-based piece of code that lets you tunnel TCP data through two WhatsApp accounts. This can be usable in different situations, for example network carriers that give unlimited WhatsApp data or airplanes where you also get unlimited social network data. It's using Baileys since it'...

AI score 7.5
Exploits: 0 | References: 3
Prion
added 2023/02/03 10:15 p.m. | 22 views

Design/Logic Flaw

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system acts as a reverse proxy: it caches entire responses including headers and returns them to the clients. In a recent change in the AbstractSessionListener, the response...

CVSS 6.8 | AI score 8.5 | EPSS 0.00182
Exploits: 1 | References: 3 | Affected Software: 1
CNNVD
added 2023/02/03 12:00 a.m. | 5 views

Sensio Labs Symfony Authorization Issue Vulnerability

Sensio Labs Symfony is a free PHP development framework based on the MVC architecture, from the French company Sensio Labs. The framework provides commonly used functional components and tools that can be used to quickly create complex web programs. Symfony has an authorization issue vulnerabilit...

CVSS 8.8 | AI score 7 | EPSS 0.00182
Exploits: 1 | References: 5
BDU FSTEC
added 2015/12/15 12:00 a.m. | 4 views

The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management allows a perpetrator to gain access to protected information.

The vulnerability of the IBM Maximo Asset Management software-based asset management system lies in the presence of a caching mechanism for HTTPS responses. Exploiting this vulnerability could allow an attacker, operating locally, to gain access to protected information...

CVSS 2.1 | AI score 5.5 | EPSS 0.00057
Exploits: 0 | References: 2 | Affected Software: 1
securityvulns
added 2003/05/03 12:00 a.m. | 27 views

Cisco Content Service Switch DNS DoS

Negative DNS response caching leads to DoS possibility...

AI score 2.5
Exploits: 0 | References: 1 | Affected Software: 2