12 matches found
CVE-2026-49854
Summary: Tornado’s optional native extension tornado.speedups mishandles the websocket_mask length, reading beyond a four-byte buffer when invoked through the XSRF token decoder with the extension active. This out-of-bounds access affects Tornado up to version 6.5.5 and is fixed in 6.5.6. Impact:...
Incorrect Resource Transfer Between Spheres
Overview tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres via SimpleAsyncHTTPClient. An attacker can obtain sensitive credentials by exploiting...
GHSA-MGF9-4VPG-HJ56 tornado AsyncHTTPClient accumulates decompressed chunks without size limit (gzip bomb)
Tornado's gzip decompression routines work in limited-size chunks, but have no overall limit for the total size of decompressed chunks that they will accumulate There has always been a limit for the total compressed size. This allows a malicious server to consume effectively unlimited amounts of...
Buffer Over-read
Overview tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. Affected versions of this package are vulnerable to Buffer Over-read via the websocketmask function in the speedups component. An attacker can trigger a read past the end of the mas...
Tornado has out-of-bounds memory access via C extension
Summary Tornado's optional native extension tornado.speedups implements websocketmask without validating that the mask argument is exactly four bytes long. The C function reads four bytes from mask unconditionally, even when Python passes a shorter byte string. This can read beyond the provided...
Fedora 42 : fetchmail (2025-ab3c40c1f4)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ab3c40c1f4 advisory. Update to fetchmail-6.5.6 CVE-2025-61962 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
CVE-2025-11371
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
WordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Help Scout versions = 6.5.6...
Elliptic 安全漏洞
Elliptic is a library of fast elliptic curve ciphers in javascript by the individual developer Fedor Indutny. A security vulnerability exists in Elliptic version 6.5.6, which stems from allowing the use of BER-encoded signatures, and therefore ECDSA signature malleability...
CVE-2024-30526
Cross-Site Request Forgery CSRF vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6...
WordPress Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin <= 6.5.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Brandon Roldan Patchstack Alliance in WordPress Plugin Easy Social Feed versions = 6.5.6...
Guzzle 信息泄露漏洞
Guzzle is a PHP HTTP client from the individual developers of guzzlehttp that makes it easy to send HTTP requests and easily integrates with web services. An information disclosure vulnerability exists in Guzzle versions 6.5.6 and earlier, 7.0.0 through 7.4.3, which stems from a cookie request...