CVE-2026-42587

Netty CVE-2026-42587 affects HttpContentDecompressor and DelegatingDecompressorFrameListener. Before 4.2.13.Final and 4.1.133.Final, maxAllocation is enforced for gzip/deflate but ignored for br, zstd, or snappy, allowing an attacker to bypass the decompression limit via Content-Encoding: br and ...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the HttpContentDecompressor and DelegatingDecompressorFrameListener components when the Content-Encoding header is set to br, zstd, or snappy. An attacker can exhaust...

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2026-1319)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to...

CLSA-2026-1768412660 python3.11: Fix of CVE-2025-13836

CVE-2025-13836: fixed memory exhaustion vulnerability when reading HTTP responses with malicious Content-Length headers...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service bsc1254997 CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response bsc1254400 CVE-2025-13837: Fixed plistlib module denial of...

CVE-2025-64333

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions...

CVE-2025-64333

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions...

EUVD-2008-5071

Malware in sbrugna...

EUVD-2018-0538

Malware in sbrugna...

EUVD-2017-17681

Malware in sbrugna...

EUVD-2009-2061

Malware in sbrugna...

EUVD-2009-2063

Malware in sbrugna...

EUVD-2020-11951

Malware in sbrugna...

EUVD-2018-20025

Malware in sbrugna...

EUVD-2019-1374

Malware in sbrugna...

EUVD-2009-2064

Malware in sbrugna...

EUVD-2018-0603

Malware in sbrugna...

EUVD-2017-17670

Malware in sbrugna...

EUVD-2022-42399

Malicious code in bioql PyPI...

CVE-2025-8320

Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Tesla Wall Connector devices. Authentication is not required to exploit this...