104 matches found
CVE-2025-11143
The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently fr...
CVE-2025-27821 HDFS native client: Out of bounds write in URI parser of native HDFS client
Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...
CVE-2025-27821
Summary: CVE-2025-27821 is an out-of-bounds write vulnerability in the Apache Hadoop HDFS native client, specifically in the URI parser. The issue affects Hadoop 3.2.0 up to, but not including, 3.4.2. Multiple sources (NVD, Red Hat, OSV, GHSA, CVE list, Snyk, and others) describe the same flaw an...
CVE-2025-27821 HDFS native client: Out of bounds write in URI parser of native HDFS client
Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...
PT-2026-4646
Name of the Vulnerable Software and Affected Versions Apache Hadoop versions affected versions not specified Description An out-of-bounds write flaw exists in the Hadoop HDFS client's URI parser. This issue affects the native client. Recommendations At the moment, there is no information about a...
MiracleLinux 8 : raptor2-2.0.15-17.el8_10 (AXSA:2025-9547:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9547:01 advisory. raptor: integer underflow when normalizing a URI with the turtle parser CVE-2024-57823 Tenable has extracted the preceding description block directly from th...
SUSE CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...
TencentOS Server 3: ruby:3.1 (TSSA-2024:0106)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0106 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: ruby (TSSA-2024:0331)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0331 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
EUVD-2018-0154
Malware in sbrugna...
EUVD-2007-0161
Malware in sbrugna...
EUVD-2023-1038
Malicious code in bioql PyPI...
EUVD-2023-56459
Malicious code in bioql PyPI...
EUVD-2024-0412
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-55763
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. Thi...
CVE-2025-55763
A buffer overflow flaw was found in CivetWeb. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to a denial of service or arbitrary code execution. Mitigation Mitigation for this issue is either not available or the...
DEBIAN-CVE-2025-55763
Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...
UBUNTU-CVE-2025-55763
Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...
Security Bulletin: The HttpURI class does insufficient validation on the authority segment of a URI, which affects IBM watsonx.data
Summary Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common...
CVE-2025-55763
Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 latest allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of...