766 matches found
CVE-2026-63959
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm/tcpcimaxim: validate header NDO against RXBYTECNT A broken/malicious port can transmit a CRC-valid frame whose header advertises up to seven data objects but whose body carries fewer than that. Check for this, an...
CVE-2026-63959
The CVE-2026-63959 vulnerability affects the Linux kernel USB Type-C support (tcpm/tcpci_maxim). A broken/malicious USB-C port could transmit a CRC-valid frame where the header advertises up to seven data objects but the body carries fewer, causing the driver to read from uninitialized stack memo...
CVE-2026-63959 usb: typec: tcpm/tcpci_maxim: validate header NDO against RX_BYTE_CNT
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm/tcpcimaxim: validate header NDO against RXBYTECNT A broken/malicious port can transmit a CRC-valid frame whose header advertises up to seven data objects but whose body carries fewer than that. Check for this, an...
CVE-2026-63902
The CVE-2026-63902 issue affects the Linux kernel USB-serial Cypress M8 driver. cypress_read_int_callback() parses the interrupt-in buffer for two Cypress packet formats (format 1: two-byte status/count header; format 2: one-byte combined header). The interrupt buffer is sized from the endpoint w...
CVE-2026-63902 USB: serial: cypress_m8: validate interrupt packet headers
In the Linux kernel, the following vulnerability has been resolved: USB: serial: cypressm8: validate interrupt packet headers cypressreadintcallback parses the interrupt-in buffer according to the selected Cypress packet format. Format 1 has a two-byte status/count header and format 2 has a...
Astro SSR - Server-Side Request Forgery
Astro before 5.17.3 and @astrojs/node before 9.5.4 are vulnerable to full-read SSRF due to improper Host header validation in error page rendering, allowing attackers to redirect requests and access internal resources. id: CVE-2026-25545 info: name: Astro SSR - Server-Side Request Forgery author:...
Versa Concerto Actuator Endpoint - Authentication Bypass
An authentication bypass vulnerability affected the Spring Boot Actuator endpoints in Versa Concerto due to improper handling of the X-Real-Ip header.Attackers could access restricted endpoints by omitting this header.The issue allowed unauthorized access to sensitive functionality, highlighting...
PT-2026-61276
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm/tcpci maxim: validate header NDO against RX BYTE CNT A broken/malicious port can transmit a CRC-valid frame whose header advertises up to seven data objects but whose body carries fewer than that. Check for this,...
PT-2026-61219
In the Linux kernel, the following vulnerability has been resolved: USB: serial: cypress m8: validate interrupt packet headers cypress read int callback parses the interrupt-in buffer according to the selected Cypress packet format. Format 1 has a two-byte status/count header and format 2 has a...
CVE-2024-23577
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...
CVE-2024-23577
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...
EUVD-2024-55668
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...
CVE-2024-23577
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...
SUSE-SU-2026:3057-1 Security update for terraform-provider-susepubliccloud
This update for terraform-provider-susepubliccloud fixes the following issues - CVE-2022-41723: go1.19,go1.20: net/http2: quadratic complexity in HPACK decoding bsc1208300. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo-header...
CVE-2026-44745
SAP Approuter does not properly validate incoming request headers during the OAuth2 login flow under certain configurations. This allows an unauthenticated remote attacker to craft a malicious link which, when clicked by a victim, could lead to unauthorized access. Successful exploitation results...
EUVD-2026-43585
SAP Approuter does not properly validate incoming request headers during the OAuth2 login flow under certain configurations. This allows an unauthenticated remote attacker to craft a malicious link which, when clicked by a victim, could lead to unauthorized access. Successful exploitation results...
SUSE-SU-2026:2888-1 Security update for the Linux Kernel (Live Patch 52 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.209 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of...
GHSA-489G-7RXV-6C8Q MCP Atlassian: DNS-rebinding TOCTOU bypass of the SSRF fix (CVE-2026-27826)
Summary GHSA-7r34-79r5-rcc9's fix added validateurlforssrf, which resolves the attacker-controlled X-Atlassian-Jira,Confluence-Url header host once at middleware time and trusts the result. But the outbound request is later built with the raw hostname and re-resolves at connect time with no IP...
BIT-PYTHON-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...
CVE-2026-56230 Capgo - Broken Object Level Authorization via x-limited-key-id Header
Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...