15 matches found

IBM Security Bulletins
added 2026/06/22 1:16 p.m. | 3 views

Security Bulletin: Vulnerability in Undici affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary: A potential vulnerability in Undici has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabilit...

CVSS 9.8 | AI score 7.2 | EPSS 0.0115
Exploits: 0 | Affected Software: 2

Cvelist
added 2026/03/04 11:32 p.m. | 35 views

CVE-2026-2835 HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing

An HTTP Request Smuggling vulnerability CWE-444 has been found in Pingora's parsing of HTTP/1.0 and Transfer-Encoding requests. The issue occurs due to improperly allowing HTTP/1.0 request bodies to be close-delimited and incorrect handling of multiple Transfer-Encoding values, allowing attackers...

CVSS 9.3 | EPSS 0.00707
Exploits: 0 | References: 1

OSV
added 2026/01/05 12:47 p.m. | 2 views

SUSE-SU-2026:0027-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service bsc1254997 - CVE-2025-13836: Fixed default Content-Length read amount from HTTP response bsc1254400 - CVE-2025-13837: Fixed plistlib module deni...

CVSS 7.5 | AI score 7.1 | EPSS 0.01525
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 9 views

EUVD-2003-1074

Malware in sbrugna...

CVSS 5 | AI score 6.2 | EPSS 0.03693
Exploits: 1 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2020-0308

Malware in sbrugna...

CVSS 9.1 | AI score 6.9 | EPSS 0.13474
Exploits: 1 | References: 108

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-34604

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.01324
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2021-21295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers &...

CVSS 5.9 | AI score 6.3 | EPSS 0.18891
Exploits: 0 | References: 2

OSV
added 2025/04/06 7:15 p.m. | 8 views

CVE-2025-2258

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...

CVSS 7.5 | AI score 7
Exploits: 0 | References: 3

Tenable Nessus
added 2025/03/03 12:0 a.m. | 8 views

CBL Mariner 2.0 Security Update: fluent-bit (CVE-2024-50608)

The version of fluent-bit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50608 advisory. - An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running an...

CVSS 7.5 | AI score 7.9 | EPSS 0.01037
Exploits: 2 | References: 2

Tenable Nessus
added 2025/02/27 12:0 a.m. | 10 views

Fluent Bit Multiple Vulnerabilities

The version of Fluent Bit running on the remote host is prior to 3.2.7. It is, therefore, affected by multiple vulnerabilities: - An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet...

CVSS 7.5 | AI score 7.9 | EPSS 0.01037
Exploits: 2 | References: 4

Cvelist
added 2025/02/18 12:0 a.m. | 11 views

CVE-2024-50608

An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access t...

EPSS 0.01037
Exploits: 2 | References: 3

RedHat Linux
added 2022/07/05 2:41 p.m. | 7 views

netty: possible request smuggling in HTTP/2 due missing validation

In Netty io.netty:netty-codec-http2 before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by Http2MultiplexHandler as it is propagated up. This is fine as long as the...

CVSS 5.9 | AI score 7.4 | EPSS 0.18891
Exploits: 0 | References: 5

OSV
added 2014/02/06 5:0 p.m. | 10 views

CVE-2013-6490

The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow...

AI score 6.6
Exploits: 0 | References: 6

securityvulns
added 2002/11/20 12:0 a.m. | 26 views

Signed/unsigned conversion bug in wwwoffled

Content-Length integer type bug...

AI score 3.3
Exploits: 0 | References: 1

securityvulns
added 2002/07/19 12:0 a.m. | 33 views

Buffer overflow in WWW Offline Explorer

Buffer overflow on negative Content-Length...

AI score 3.6
Exploits: 0 | References: 1 | Affected Software: 1