14 matches found

OSSF Malicious Packages
added 2025/10/09 9:4 p.m., 2 views

Malicious code in redirect-24srjd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94abc719b1e3113905c655a63a171398712f2a45b8b933a5244541146f586ee4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0, References 1
Microsoft CVE
added 2025/05/06 7:0 a.m., 1 view

Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server

...

6.8 CVSS, 7.5 AI score, 0.0031 EPSS
Exploits 0
OSSF Malicious Packages
added 2025/02/19 7:28 a.m., 1 view

Malicious code in norequest-akash (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 510b9a55bb5d3edb3f9ec11a61f72939b8f5b05e64d976cb49b378118bb12e1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0, References 3
RedhatCVE
added 2024/11/20 12:20 a.m., 6 views

CVE-2024-10524

A flaw was found in the Wget package. Wget might issue an FTP request to a different host in configurations where the HTTP shorthand format is used with user-provided input. An attacker may be able to use specially crafted input to cause Wget to access an arbitrary host...

6.5 CVSS, 6.5 AI score, 0.00592 EPSS
Exploits 0, References 6
OSV
added 2024/06/26 12:20 p.m., 1 view

USN-6852-1 wget vulnerability

It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than expected...

9.1 CVSS, 6.9 AI score, 0.00197 EPSS
Exploits 0, References 2
CNNVD
added 2024/01/26 12:0 a.m., 2 views

Eclipse Vert.x Security Vulnerability

Eclipse Vert.x is an Eclipse Foundation toolkit for building responsive applications on the JVM. A security vulnerability exists in the Eclipse Vert.x toolkit: the use of the Netty FastThreadLocal data structure can lead to a memory leak that could be triggered when the Vert.x HTTP...

6.5 CVSS, 6.7 AI score, 0.00227 EPSS
Exploits 0, References 3
F5 Networks
added 2023/02/21 6:33 p.m., 36 views

K85235351: cURL and libcurl vulnerability CVE-2016-8624

Security Advisory Description: curl before version 7.51.0 doesn't parse the authority component of the URL correctly when the host name part ends with a '#' character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use a URL...

7.5 CVSS, 7.5 AI score, 0.01363 EPSS
Exploits 0, Affected Software 24
SUSE CVE
added 2023/02/15 5:45 a.m., 2 views

SUSE CVE-2012-3371

The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the...

3.5 CVSS, 6.3 AI score, 0.00881 EPSS
Exploits 1, References 3
RedHat Linux
added 2020/04/21 8:7 a.m., 2 views

git: Crafted URL containing new lines can cause credential leak

A flaw was found in git. Credentials can be leaked through the use of a crafted URL that contains a newline, fooling the credential helper to give information for a different host. Highest threat from the vulnerability is to data confidentiality...

9.3 CVSS, 7.1 AI score, 0.373 EPSS
Exploits 2, References 6
Cvelist
added 2017/08/31 4:0 p.m., 27 views

CVE-2017-14063

Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL (CVE-2016-8624) and Oracle Java 8 java.net.URL...

6.8 AI score, 0.02826 EPSS
Exploits 0, References 28
OSV
added 2016/12/22 9:59 p.m., 1 view

DEBIAN-CVE-2016-9179

lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host...

7.5 CVSS, 6.8 AI score, 0.00345 EPSS
Exploits 0, References 1
OSV
added 2016/11/02 8:0 a.m., 6 views

CURL-CVE-2016-8624 invalid URL parsing with '#'

curl does not parse the authority component of the URL correctly when the host name part ends with a hash character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use a URL parser that follows the RFC to check for allowed...

7.5 CVSS, 8.4 AI score, 0.01363 EPSS
Exploits 0
OSV
added 2012/07/17 9:55 p.m., 1 view

DEBIAN-CVE-2012-3371

The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the...

3.5 CVSS, 6.3 AI score, 0.00881 EPSS
Exploits 1, References 1
PyPA
added 2012/07/17 9:55 p.m., 4 views

PYSEC-2012-40

The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the...

3.5 CVSS, 6.7 AI score, 0.00881 EPSS
Exploits 1, References 7, Affected Software 1