Lucene search

62 matches found

RedhatCVE
added 2026/06/03 4:2 p.m., 9 views

CVE-2026-10629

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

7.4 CVSS, 5.7 AI score, 0.00174 EPSS
Exploits: 0, References: 1

GithubExploit
added 2026/05/17 4:7 p.m., 105 views

Exploit for CVE-2026-42945

CVE-2026-42945 NGINX Rift — defensive scanner Organizations...

9.2 CVSS, 6.2 AI score, 0.5331 EPSS
Exploits: 39

Fedora
added 2026/05/15 10:45 p.m., 29 views

[SECURITY] Fedora 42 Update: nginx-mod-headers-more-0.39-9.fc42

This module allows adding, setting, or clearing specified input/output headers. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

9.2 CVSS, 6 AI score, 0.5331 EPSS
Exploits: 40

Fedora
added 2026/05/15 8:58 p.m., 19 views

[SECURITY] Fedora 44 Update: nginx-mod-headers-more-0.39-9.fc44

This module allows adding, setting, or clearing specified input/output headers. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

9.2 CVSS, 6 AI score, 0.5331 EPSS
Exploits: 40

Fedora
added 2026/04/25 1:52 a.m., 5 views

[SECURITY] Fedora 44 Update: nginx-mod-headers-more-0.39-7.fc44

This module allows adding, setting, or clearing specified input/output headers. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

8.8 CVSS, 8.7 AI score, 0.07865 EPSS
Exploits: 0

UbuntuCve
added 2026/03/25 9:16 p.m., 3 views

CVE-2026-33223

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header Nats-Request-Info: is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages was...

6.4 CVSS, 6.3 AI score, 0.00211 EPSS
Exploits: 0, References: 3

CVE
added 2026/03/25 8:20 p.m., 11 views

CVE-2026-33223

CVE-2026-33223 affects NATS-Server. Prior to versions 2.11.15 and 2.12.6, the Nats-Request-Info header, intended to guarantee identity, could still be stripped incompletely from inbound messages, allowing an attacker with valid credentials to spoof identity to services relying on that header. The...

6.4 CVSS, 5.8 AI score, 0.00211 EPSS
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2026/03/24 12:0 a.m., 4 views

PT-2026-27618

Name of the Vulnerable Software and Affected Versions: NATS-Server versions prior to 2.11.15; NATS-Server versions prior to 2.12.6. Description: NATS-Server, a high-performance server for NATS.io, a cloud and edge native messaging system, contains an issue where the Nats-Request-Info: message header...

6.4 CVSS, 5.9 AI score, 0.00211 EPSS
Exploits: 0, References: 8

OSV
added 2026/02/26 8:16 a.m., 3 views

CVE-2026-1694

HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information...

4.3 CVSS, 5.8 AI score
Exploits: 0, References: 1

ATTACKERKB
added 2026/02/26 7:56 a.m., 5 views

CVE-2026-1694

HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information...

4.3 CVSS, 5.3 AI score, 0.00168 EPSS
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2026/02/25 12:0 a.m., 6 views

PT-2026-26492

Name of the Vulnerable Software and Affected Versions: Angular versions prior to 22.0.0-next.2; Angular versions prior to 21.2.3; Angular versions prior to 20.3.21. Description: An Open Redirect issue exists in the Angular SSR tool due to an incomplete fix for a previously identified problem. The...

6.9 CVSS, 5.9 AI score, 0.00302 EPSS
Exploits: 0, References: 17

GithubExploit
added 2026/01/16 8:39 p.m., 141 views

Exploit for Path Traversal in Apache Http_Server

🛑 CVE-2021-41773 Checker CVE-2021-41773 Checker is a Python-b...

7.5 CVSS, 9.5 AI score, 0.99992 EPSS
Exploits: 148

Fedora
added 2026/01/03 12:42 a.m., 7 views

[SECURITY] Fedora 43 Update: nginx-mod-headers-more-0.39-4.fc43

This module allows adding, setting, or clearing specified input/output headers. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

6.3 CVSS, 7 AI score, 0.00371 EPSS
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2008-3348

Malware in sbrugna...

7.5 CVSS, 6.4 AI score, 0.04298 EPSS
Exploits: 1, References: 6

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2003-1296

Malware in sbrugna...

2.6 CVSS, 6.4 AI score, 0.01204 EPSS
Exploits: 1, References: 4

Citrix
added 2025/05/30 12:0 a.m., 18 views

NetScaler-13.1-How to remove the "Server" header in the response with rewrite policy

How to remove the "Server" header in the response which exposes the server type information...

7 AI score
Exploits: 0

RedhatCVE
added 2025/05/23 5:52 a.m., 4 views

CVE-2023-22465

Http4s is a Scala interface for HTTP services. Starting with version 0.1.0 and prior to versions 0.21.34, 0.22.15, 0.23.17, and 1.0.0-M38, the User-Agent and Server header parsers are susceptible to a fatal error on certain inputs. In http4s, modeled headers are lazily parsed, so this only applie...

7.5 CVSS, 6.8 AI score, 0.00845 EPSS
Exploits: 1, References: 1

OSV
added 2025/01/12 10:15 p.m., 7 views

CVE-2024-42179

HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version...

2.7 CVSS, 5.8 AI score, 0.0022 EPSS
Exploits: 0, References: 1

Packet Storm
added 2024/06/24 12:0 a.m., 379 views

Edu-Sharing Arbitrary File Upload

SEC Consult Vulnerability Lab Security Advisory. title: Arbitrary File Upload; product: edu-sharing metaVentis GmbH; vulnerable versions: =8.0.8-RC2, =8.1.4-RC0, =9.0.0-RC19; CVE number: CVE-2024-28147; impact: high; homepage:...

7.1 AI score, 0.00831 EPSS
Exploits: 1

wpexploit
added 2024/05/03 12:0 a.m., 278 views

Royal Elementor Addons < 1.3.95 - Unauthenticated IP Spoofing

Description: The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to IP Address Spoofing due to insufficient IP address validation. This makes it possible for unauthenticated attackers to spoof their IP addresses. Set any of the following server headers as used in getclienti...

9.8 CVSS, 5.3 AI score, 0.00455 EPSS
Exploits: 1, References: 1