Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the HttpContentDecompressor and DelegatingDecompressorFrameListener components when the Content-Encoding header is set to br, zstd, or snappy. An attacker can exhaust...

RUSTSEC-2025-0141 Bincode is unmaintained

Due to a doxxing and harassment incident, the bincode team has taken the decision to cease development permanently. The team considers version 1.3.3 a complete version of bincode that is not in need of any updates. Alternatives to consider wincode postcard bitcode rkyv...

netty: possible request smuggling in HTTP/2 due missing validation

In Netty io.netty:netty-codec-http2 before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by Http2MultiplexHandler as it is propagated up. This is fine as long as the...

Reside Property Management 3.0 - 'profile' SQL Injection

Exploit Title: Reside Property Management 3.0 - 'profile' SQL Injection Date: 2020-06-28 Google Dork: "Copyright 2020 Reside Property Management" Exploit Author: Ultra Security Team Ashkan Moghaddas , AmirMohammad Safari Team Members: Behzad Khalifeh , Milad Ranjbar Vendor Homepage:...

Updated pulseaudio package fixes RTP remote crash vulnerability

PulseAudio versions shipped in Mageia 3 and 4 were vulnerable to a remote RTP attack which could crash the PulseAudio server simply by sending an empty UDP packet. Additionally, the version of PulseAudio shipped in Mageia 4 was a pre-release version of PulseAudio v5 and has been updated to the...

PHP-Nuke <= 8.0 Final (sid) Remote SQL Injection Exploit

No description provided by source. ?php UNPUBLISHED RST/GHC EXPLOIT PHP Nuke sid sql injection exploit for Search module POST method - the best for version 8.0 FINAL coded by Foster & 1dt.w0lf tested on 6.0 , 6.6 , 7.9 , 8.0 FINAL versions if isset$POST'Submit'...

Marinet CMS - room.php Blind SQL Injection

Marinet CMS - room.php Blind SQL Injection ==================================================== MARINET CMS room.php = Blind SQL Vulnerability ==================================================== Exploit Title: MARINET CMS room.php = Blind SQL Vulnerability Date: 30 - 09 - 2011 Author: BHG Securi...