442 matches found
urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...
SUSE CVE-2026-22780
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...
urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...
CVE-2016-10892
The chained-quiz plugin before 1.0 for WordPress has multiple XSS issues...
CVE-2026-21876 OWASP CRS has multipart bypass using multiple content-type parts
The OWASP core rule set CRS is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when processing multipart requests with multiple parts. When the first rule in a chain iterates over a...
CVE-2025-8306 Improper Access Control in Asseco Infomedica Plus
Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. A low privileged user is able to obtain encoded passwords of all other accounts including main administrator due to lack of granularity in access control. Chained...
CVE-2023-53979 MyBB 1.8.32 Authenticated Remote Code Execution via Chained Vulnerabilities
MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...
CVE-2025-68317 io_uring/zctx: check chained notif contexts
In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly checking the chained notification context, which could lead to ambiguity in notification completion...
PT-2025-49392
New HTB video up - Editor machine Chained CVE-2024-24893 for the foothold and CVE-2024-32019 to get root. https://t.co/z1zRLuMttt commands: https://t.co/zZEPDE8xg0 HackTheBox OSCP pentesting editor https://t.co/opAGaJ4Evv...
Bluetooth: When HCI work queue is drained, only queue chained work
...
EUVD-2009-0005
Malware in sbrugna...
EUVD-2021-11602
Malware in sbrugna...
EUVD-2020-28238
Malware in sbrugna...
EUVD-2018-6418
Malware in sbrugna...
EUVD-2016-1886
Malware in sbrugna...
EUVD-2017-14082
Malware in sbrugna...
EUVD-2022-51577
Malicious code in bioql PyPI...