7 matches found
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it...
EUVD-2023-28115
Malicious code in bioql PyPI...
CVE-2020-9482
If NiFi Registry 0.1.0 to 0.5.0 uses an authentication mechanism other than PKI, when the user clicks Log Out, NiFi Registry invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours after logging ou...
CVE-2020-15588
An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM...
Zoom Client Security Vulnerability
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability previously existed in Zoom Client version 5.14.10, which stemmed from a client-side implementation issue with server-side security...
SUSE CVE-2019-18658
In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via...
PT-2022-21609 · Hicos · Hicos
Name of the Vulnerable Software and Affected Versions: HICOS (affected versions not specified)
Description: The client-side citizen digital certificate component of HICOS has a stack-based buffer overflow issue when reading an IC card, due to insufficient validation of token information parameter...