145 matches found
DEBIAN-CVE-2025-69224
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
CVE-2025-69224
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
CVE-2025-69224
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
UBUNTU-CVE-2025-69224
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
CVE-2025-69224 AIOHTTP's Unicode processing of header values could cause parsing discrepancies
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
CVE-2025-69224
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
CVE-2025-69224
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
aiohttp 环境问题漏洞
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs open source. An environment issue vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from the presence of non-ASCII characters that could allow a request entrapment attac...
EUVD-2011-2054
Malware in sbrugna...
EUVD-2019-2190
Malware in sbrugna...
EUVD-2013-4426
Malware in sbrugna...
EUVD-2019-2754
Malware in sbrugna...
EUVD-2005-1272
Malware in sbrugna...
EUVD-2019-5959
Malware in sbrugna...
EUVD-2006-3295
Malware in sbrugna...
EUVD-2012-0480
Malware in sbrugna...
CVE-2025-41234
A mishandling of non-ASCII characters in headers flaw was found in the Spring framework. This flaw allows an attacker to tamper with a file download under specific conditions when content names are user-supplied, and the victim then downloads unintended content. Mitigation Mitigation for this iss...
CVE-2011-2060
The platform-sw component on Cisco Adaptive Security Appliances ASA 5500 series devices with software 8.2 before 8.25.3, 8.3 before 8.32.20, and 8.4 before 8.42.1 does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service reloa...
CVE-2024-47611 XZ Utils on Microsoft Windows platform are vulnerable to argument injection
XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...
NIST Recommends Some Common-Sense Password Rules
NIST's second draft of its "SP 800-63-4"--its digital identify guidelines--finally contains some really good rules about passwords: The following requirements apply to passwords: 1. lVerifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require...