aiohttp 环境问题漏洞

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs open source. An environment issue vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from the presence of non-ASCII characters that could allow a request entrapment attac...

Microsoft ASP.NET Core 环境问题漏洞

Microsoft ASP.NET Core is a framework of cross-platform open source framework from Microsoft Corporation USA. The framework is used to build cloud-based applications such as web applications, IoT applications, and mobile backends. Microsoft ASP.NET Core suffers from an environment issue...

EUVD-2018-19533

Malware in sbrugna...

EUVD-2010-4434

Malware in sbrugna...

EUVD-2013-2400

Malware in sbrugna...

EUVD-2018-19535

Malware in sbrugna...

EUVD-2019-3486

Malware in sbrugna...

EUVD-2011-0798

Malware in sbrugna...

EUVD-2012-1559

Malware in sbrugna...

EUVD-2022-0003

Malicious code in bioql PyPI...

GNU Bash OS Command Injection Vulnerability

GNU Bash contains an OS command injection vulnerability which allows remote attackers to execute arbitrary commands via a crafted environment...

Netty 环境问题漏洞

Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. An environment issue vulnerability exists in Netty versions 4.1.124.Final and 4.2.0.Alpha3 through 4.2.4.Final, which stems fr...

aiohttp 环境问题漏洞

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs open source. An environment issue vulnerability exists in aiohttp versions prior to 3.12.14, which stems from the presence of request smuggling in the Python parser, which could lead to...

CVE-2025-48934 Deno.env.toObject() ignores the variables listed in --deny-env and returns all environment variables

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to versions 2.1.13 and 2.2.13, the Deno.env.toObject method ignores any variables listed in the --deny-env option of the deno run command. When looking at the documentation of the --deny-env option this might lead to a false...

CVE-2018-7821

An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...

h11 环境问题漏洞

h11 is a small HTTP/1.1 library written from scratch in Python by the individual developer Nathaniel J. Smith. An environment issue vulnerability exists in versions of h11 prior to 0.16.0, which stems from improper parsing of line terminators and could lead to a request entrapment attack...

RLSA-2024:10983 Moderate: python3.9:3.9.21 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVE-2025-24316 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Exposure of Sensitive Information Due to Incompatible Policies

The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1162)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-MQF3-QPC3-G26Q Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message

!IMPORTANT This vulnerability only affects sites which are in the "dev" environment mode. If your production website is in "dev" mode, it has been misconfigured, and you should immediately swap it to "live" mode. See https://docs.silverstripe.org/en/developerguides/debugging/environmenttypes/ for...