10 matches found
CVE-2026-33805
@fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy has added its own headers via rewriteRequestHeaders. This allows attackers to retroactively strip proxy-added headers from upstream requests by listing them i...
MiracleLinux 8 : cryptsetup-2.3.3-4.el8.1 (AXSA:2022-3029:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3029:01 advisory. cryptsetup: disable encryption via header rewrite CVE-2021-4122 Tenable has extracted the preceding description block directly from the MiracleLinux security...
EUVD-2008-6268
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-14773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through...
cryptsetup security update
An update is available for cryptsetup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cryptsetup packages provide a utility for setting up disk encryption...
Moderate: cryptsetup security update
The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. Security Fixes: cryptsetup: disable encryption via header rewrite CVE-2021-4122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Heap overflow
Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related to the "HTTP header rewrite function."...
CVE-2008-6298
Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related to the "HTTP header rewrite function."...
CVE-2008-6298
CVE-2008-6298 concerns sISAPILocation (ISAPI filter for IIS) prior to 1.0.2.2. The vulnerability enables bypass of the HTTP header rewrite function, potentially bypassing configuration controls for character encoding and the cookie secure flag. Root cause is described as an issue in the sISAPILoc...
sISAPILocation vulnerability bypasses HTTP header rewrite function
Overview sISAPILocation, an ISAPI Internet Server Application Program Interface filter, contains a vulnerability that allows the HTTP header rewrite function to be bypassed. sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS Internet Information Services...