CVE-2026-35213

@hapi/content provided HTTP Content- headers parsing. All versions of @hapi/content through 6.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via crafted HTTP header values. Three regular expressions used to parse Content-Type and Content-Disposition headers contain patterns...

CVE-2022-31698

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...

EUVD-2021-9180

Malicious code in bioql PyPI...

EUVD-2022-53118

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-21850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A speciall...

CVE-2021-22011

vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation...

CVE-2021-21993

The vCenter Server contains an SSRF Server Side Request Forgery vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosur...

Meta to abandon social media tracking tool CrowdTangle

On 14 March, Meta announced it would abandon CrowdTangle, saying the tool will no longer be available after August 14, 2024. While most people have never heard of CrowdTangle, among journalists the tool is considered essential. Its popularity largely depends on the ability to monitor social media...

CVE-2023-49820

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.5.3...

CMLoot - Find Interesting Files Stored On (System Center) Configuration Manager (SCCM/CM) SMB Shares

CMLoot was created to easily find interesting files stored on System Center Configuration Manager SCCM/CM SMB shares. The shares are used for distributing software to Windows clients in Windows enterprise environments and can contains scripts/configuration files with passwords, certificates pfx,...

Vulnerability Spotlight: Denial-of-service vulnerability discovered in VMWare vCenter

Marcin Icewall Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a denial-of-service vulnerability in VMWare vCenter Server. VMware vCenter Server is a platform that enables centralized control and monitoring over all virtual machines and EXSi hypervisors included...

CVE-2022-31698

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...

CVE-2022-31698

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...

Denial of service

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...

CVE-2022-31698

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...

VMware vCenter Server Content Library denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1588 VMware vCenter Server Content Library denial of service vulnerability December 13, 2022 CVE Number CVE-2022-31698 SUMMARY A denial of service vulnerability exists in the Content Library functionality of VMware vCenter Server 6.5 Update 3t. A...

CVE-2022-31698

The CVE-2022-31698 entry concerns VMware vCenter Server (and related ESXi components) with a denial-of-service in the content library service. According to the provided documents, a remote attacker who can access port 443 over the network can trigger a DoS by sending a specially crafted header, l...

CVE-2022-31698

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...

PT-2022-5908 · Vmware · Vmware Vcenter Server +1

Name of the Vulnerable Software and Affected Versions: VMware vCenter Server affected versions not specified Description: The issue is related to a denial-of-service condition in the content library service of VMware vCenter Server. It can be triggered by a malicious actor with network access to...

VMware vCenter Server Licensing Issue Vulnerability (CNVD-2021-74278)

Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructure. vmware vCenter Server is vulnerab...