22 matches found
CVE-2026-28481
OpenClaw versions 2026.1.30 and earlier contain an information disclosure vulnerability, patched in 2026.2.1, in the MS Teams attachment downloader (optional extension must be enabled) that leaks bearer tokens to allowlisted suffix domains. When retrying downloads after receiving 401 or 403...
CVE-2026-28481
OpenClaw versions 2026.1.30 and earlier contain an information disclosure vulnerability, patched in 2026.2.1, in the MS Teams attachment downloader (optional extension must be enabled) that leaks bearer tokens to allowlisted suffix domains. When retrying downloads after receiving 401 or 403...
EUVD-2026-9927
OpenClaw versions 2026.1.30 and earlier contain an information disclosure vulnerability, patched in 2026.2.1, in the MS Teams attachment downloader (optional extension must be enabled) that leaks bearer tokens to allowlisted suffix domains. When retrying downloads after receiving 401 or 403...
OpenClaw security vulnerability
OpenClaw is an AI assistant open-sourced by OpenClaw. OpenClaw has an information disclosure vulnerability: when the MS Teams attachment downloader retries a download after receiving a 401 or 403 response, it sends an authorization bearer token to ...
Fedora 43 : python-urllib3 (2026-724d1b1044)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-724d1b1044 advisory. 2.6.3 2026-01-07 - Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were...
CVE-2023-29087
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After...
CVE-2025-68148
FreshRSS is a free, self-hostable RSS aggregator. From version 1.27.0 to before 1.28.0, an attacker could globally deny access to feeds via proxy modifying to 429 Retry-After for a large list of feeds on a given instance, making it unusable for the majority of users. This issue has been patched in...
FreshRSS security vulnerability
FreshRSS is a free, self-hosted RSS aggregator from FreshRSS Open Source. A security vulnerability exists in FreshRSS version 1.27.0 through versions prior to 1.28.0, which stems from an attacker being able to modify the proxy settings to cause a 429 Retry-After response, which could result in a...
CVE-2025-68148 FreshRSS globally denies access to feed via proxy modifying to 429 Retry-After
FreshRSS is a free, self-hostable RSS aggregator. From version 1.27.0 to before 1.28.0, an attacker could globally deny access to feeds via proxy modifying to 429 Retry-After for a large list of feeds on a given instance, making it unusable for the majority of users. This issue has been patched in...
CVE-2025-68148 FreshRSS globally denies access to feed via proxy modifying to 429 Retry-After
FreshRSS is a free, self-hostable RSS aggregator. From version 1.27.0 to before 1.28.0, an attacker could globally deny access to feeds via proxy modifying to 429 Retry-After for a large list of feeds on a given instance, making it unusable for the majority of users. This issue has been patched in...
CVE-2025-68148
CVE-2025-68148 affects FreshRSS versions from 1.27.0 to before 1.28.0. An attacker could globally deny access to feeds by manipulating proxy settings to generate a flood of 429 Retry-After responses, effectively making the instance unusable for most users. The vulnerability is addressed...
PT-2025-53608
Name of the Vulnerable Software and Affected Versions: FreshRSS versions 1.27.0 through 1.27.9. Description: An attacker could disrupt access to RSS feeds for all users of an instance by manipulating the proxy settings to send a large number of 429 Retry-After requests. This denial of service makes...
EUVD-2020-0289
Malware in sbrugna...
EUVD-2023-32690
Malicious code in bioql PyPI...
CVE-2019-17555
The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep method without any check. If a malicious server returns a huge value in the header, then it can help to implement a DoS attack...
CVE-2023-29087
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After...
Memory corruption
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After...
CVE-2023-29087
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After...
CVE-2023-29087
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After...
PT-2023-22134 · Samsung · Exynos Modem 5300 +6
Name of the Vulnerable Software and Affected Versions: Exynos Mobile Processor (affected versions not specified); Exynos Modem 5123 (affected versions not specified); Exynos Modem 5300 (affected versions not specified); Exynos 980 (affected versions not specified); Exynos 1080 (affected versions not specified)...