15 matches found

Tenable Nessus
added 2026/02/11 12:0 a.m., 7 views

RockyLinux 8 : php:7.4 (RLSA-2026:2470)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2470 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd (CVE-2024-8929); php: Single byte overread with convert.quoted-printable-deco...

9.8 CVSS, 7.9 AI score, 0.02286 EPSS
Exploits: 10, References: 27

Tenable Nessus
added 2026/01/20 12:0 a.m., 4 views

RHEL 8 : libsoup (RHSA-2026:0867)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0867 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes...

8.2 CVSS, 5.6 AI score, 0.00496 EPSS
Exploits: 0, References: 4

Tenable Nessus
added 2026/01/13 12:0 a.m., 7 views

MiracleLinux 9 : php:8.1 (AXSA:2025-9901:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9901:01 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd (CVE-2024-8929); php: Single byte overread with...

9.8 CVSS, 7.5 AI score, 0.02286 EPSS
Exploits: 5, References: 9

Tenable Nessus
added 2026/01/13 12:0 a.m., 10 views

MiracleLinux 9 : php:8.3 (AXSA:2025-10557:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10557:01 advisory. php: Header parser of http stream wrapper does not handle folded headers (CVE-2025-1217); php: Stream HTTP wrapper header check might omit basic auth...

9.8 CVSS, 6.3 AI score, 0.01263 EPSS
Exploits: 3, References: 7

CVE
added 2025/06/25 4:52 p.m., 67 views

CVE-2025-6442

CVE-2025-6442 affects Ruby WEBrick: the vulnerability is a flaw in read_headers that causes inconsistent termination parsing of HTTP headers, enabling HTTP request smuggling under certain proxy conditions. Affected are Ruby WEBrick and Rubygem-WeBrick components across several platforms (e.g., Ru...

6.5 CVSS, 6.8 AI score, 0.00422 EPSS
Exploits: 0, References: 2, Affected Software: 1

RedhatCVE
added 2025/05/23 4:30 a.m., 5 views

CVE-2023-32762

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the cas...

5.3 CVSS, 6.6 AI score, 0.00875 EPSS
Exploits: 0, References: 1

CNNVD
added 2025/05/16 12:0 a.m., 5 views

libsoup Code Issue Vulnerability

libsoup is a GNOME HTTP client/server library from the GNOME Project. A code issue vulnerability exists in libsoup, which stems from the fact that handling certain constructs of the WWW-Authenticate header may cause a client application to crash, potentially leading to a denial of service attack...

4.3 CVSS, 5.6 AI score, 0.00309 EPSS
Exploits: 1, References: 4

Tenable Nessus
added 2025/04/01 12:0 a.m., 15 views

CBL Mariner 2.0 Security Update: php (CVE-2025-1217)

The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1217 advisory. - In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when...

6.3 CVSS, 6.3 AI score, 0.00547 EPSS
Exploits: 1, References: 2

OSV
added 2024/08/30 11:8 a.m., 10 views

OESA-2024-2068 netty3 security update

Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server. Security Fixes: Netty before 4.1.42.Final mishandles whitespac...

9.1 CVSS, 6.9 AI score, 0.13474 EPSS
Exploits: 3, References: 4

OSV
added 2024/02/29 3:52 p.m., 11 views

USN-6670-1 php-guzzlehttp-psr7 vulnerabilities

It was discovered that php-guzzlehttp-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use these issues to perform an HTTP header injection attack...

7.5 CVSS, 7.2 AI score, 0.02384 EPSS
Exploits: 0, References: 3

Positive Technologies
added 2023/03/15 12:0 a.m., 5 views

PT-2023-8904

Name of the Vulnerable Software and Affected Versions: Rack versions 2.0.0 through 2.2.6.3; Rack versions 3.0.0 through 3.0.6.0. Description: The issue is related to the header parsing component of Rack, which can be exploited to cause a denial of service. This can happen when carefully crafted input...

10 CVSS, 6.9 AI score, 0.35376 EPSS
Exploits: 4, References: 110

SUSE CVE
added 2023/02/15 4:5 a.m., 4 views

SUSE CVE-2019-20444

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."...

9.1 CVSS, 7 AI score, 0.08914 EPSS
Exploits: 1, References: 4

OSV
added 2019/10/11 6:41 p.m., 1 views

GHSA-P979-4MFW-53VG HTTP Request Smuggling in Netty

Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a "Transfer-Encoding : chunked" line, which leads to HTTP request smuggling...

7.5 CVSS, 6.8 AI score, 0.08415 EPSS
Exploits: 1, References: 82

exploitpack
added 2003/04/08 12:0 a.m., 14 views

Amavis 0.1.6 - Header Parsing Mail Relaying

Source: https://www.securityfocus.com/bid/7306/info. It has been reported that some versions of Amavis-ng do not properly interact with Postfix. Because of this, an attacker may be able to circumvent relay restrictions. telnet somemx.domain.tld 25 220...

7.4 AI score
Exploits: 0

FreeBSD Advisory
added 2003/03/30 12:0 a.m., 6 views

FreeBSD-SA-03:07.sendmail

FreeBSD-SA-03:07.sendmail Security Advisory, The FreeBSD Project. Topic: a second sendmail header parsing buffer overflow. Category: contrib. Module: contribsendmail. Announced:...

6.4 AI score
Exploits: 0