6 matches found
EUVD-2022-31992
Malicious code in bioql PyPI...
EUVD-2023-27712
Malicious code in bioql PyPI...
CVE-2023-23616
Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and 3.1.0.beta2 on the beta and tests-passed branches, when submitting a membership request, there is no character limit for the reason provided with the request. This could potentially allow a user to...
CVE-2022-27491
A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of "blocked page" HTML...
4 Flaws hit HTTP/2 Protocol that could allow Hackers to Disrupt Servers
If you think that the HTTP/2 protocol is more secure than the standard HTTP Hypertext Transfer Protocol, then you might be wrong, as it took researchers just four months to discover four flaws in the HTTP/2 protocol. HTTP/2 was launched properly just in May last year after Google bundled its SPDY...
Tomcat/JBossWeb: Limited DoS in chunked transfer encoding input filter
It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to...