Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-7826

Malware in sbrugna...

4.3CVSS4.8AI score0.02355EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-6662

Malware in sbrugna...

5.3CVSS5.3AI score0.01653EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-2324

Malware in sbrugna...

5CVSS6.4AI score0.01388EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-53387

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.01103EPSS
Exploits1References38
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-54150

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.00853EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.4 views

CVE-2019-15726

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server...

5.3CVSS6.6AI score0.01653EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:38 p.m.5 views

CVE-2002-2346

phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses...

5CVSS7AI score0.01388EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-32148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a...

6.5CVSS6.8AI score0.01103EPSS
Exploits1References3
OSV
OSV
added 2025/02/28 3:32 p.m.10 views

OESA-2025-1185 etcd security update

%expand: Security Fixes: Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.CVE-2022-1962 Requests forwarded by ReverseProxy include the raw query parameters...

7.5CVSS7AI score0.99999EPSS
Exploits23References14
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.4 views

PT-2024-2610 · Apache · Apache Pulsar

Name of the Vulnerable Software and Affected Versions: Apache Pulsar versions 2.6.0 through 2.10.5 Apache Pulsar versions 2.11.0 through 2.11.2 Apache Pulsar versions 3.0.0 through 3.0.1 Apache Pulsar version 3.1.0 Description: The issue is related to an improper authentication vulnerability in t...

8.5CVSS7.1AI score0.01765EPSS
Exploits0References13
OSV
OSV
added 2024/03/08 11:7 a.m.5 views

OESA-2024-1250 containers-common security update

This package contains common configuration files and documentation for container tools ecosystem, such as Podman, Buildah and Skopeo. Security Fixes: Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP wi...

6.5CVSS9.1AI score0.01103EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.32 views

Oracle Linux 8 : container-tools:4.0 (ELSA-2023-2802)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2802 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closin...

7.5CVSS7.5AI score0.05623EPSS
Exploits5References15
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.35 views

Amazon Linux 2023 : compat-golang-github-cpuguy83-md2man-2-devel, golang-github-cpuguy83-md2man, golang-github-cpuguy83-md2man-devel (ALAS2023-2023-047)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-047 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.3AI score0.05335EPSS
Exploits7References30
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.4 views

SUSE CVE-2022-32148

Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the...

5.3CVSS7.9AI score0.01103EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2022/11/02 12:0 a.m.41 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2683)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request...

7.5CVSS7.3AI score0.02593EPSS
Exploits7References14
Tenable Nessus
Tenable Nessus
added 2022/09/14 12:0 a.m.33 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2288)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements if...

7.5CVSS7.4AI score0.01875EPSS
Exploits4References11
OSV
OSV
added 2022/08/10 8:15 p.m.2 views

DEBIAN-CVE-2022-32148

Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the...

6.5CVSS7.5AI score0.01103EPSS
Exploits1References1
OSV
OSV
added 2022/08/10 8:15 p.m.5 views

AZL-10538 CVE-2022-32148 affecting package golang for versions less than 1.18.5-1

Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the...

6.5CVSS6.7AI score0.01103EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/08/10 8:15 p.m.2 views

CVE-2022-32148

Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the...

6.5CVSS8.8AI score0.01103EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2022/08/10 8:15 p.m.29 views

CVE-2022-32148

Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the...

6.5CVSS6.9AI score
Exploits0References5
Rows per page
Query Builder