[SECURITY] Fedora 42 Update: nginx-mod-headers-more-0.39-6.fc42

This module allows adding, setting, or clearing specified input/output header s. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

[SECURITY] Fedora 42 Update: nginx-mod-headers-more-0.39-4.fc42

This module allows adding, setting, or clearing specified input/output header s. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...

EUVD-2015-6772

Malware in sbrugna...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-392950)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-392950 advisory. In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: make sure to pull inner header in iptunnelrcv Apply the same fix than ones found i...

EUVD-2023-0252

Malicious code in bioql PyPI...

UBUNTU-CVE-2023-53360

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: Rework scratch handling for READPLUS again I found that the read code might send multiple requests using the same nfspgioheader, but nfs4procreadsetup is only called once. This is how we ended up occasionally...

CBL Mariner 2.0 Security Update: golang / msft-golang (CVE-2024-45336)

The version of golang / msft-golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45336 advisory. - The HTTP client drops sensitive headers after following a cross-domain redirect. For example, ...

CVE-2024-26857 geneve: make sure to pull inner header in geneve_rx()

In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneverx syzbot triggered a bug in geneverx 1 Issue is similar to the one I fixed in commit 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" We have to save...

PT-2024-26692 · Scrapy +3 · Scrapy +3

Name of the Vulnerable Software and Affected Versions: Scrapy versions prior to 2.11.1 Description: The issue arises from the failure to remove the Authorization header when redirecting across domains, potentially allowing for account hijacking. This occurs when a request with the Authorization...

Fortinet Fortigate DOS in headers management (FG-IR-23-151)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-151 advisory. - A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10,...

Pegasus mail DoS

Application: Pegasus mail http://www.pmail.com Version: 4.01 and possibly previous Bug: Bad management of "From:" and "To:" mail headers Risk: DoS and in some cases the client cannot be opened until the user have not cancelled the saved mail in the mail folder Author: Auriemma Luigi e-mail:...