52 matches found

RedhatCVE
added 2026/04/30 6:59 a.m. · 2 views

CVE-2026-6868

A flaw was found in Wireshark. A local user could be tricked into opening a specially crafted network capture file. This file, containing malicious HTTP data, could cause Wireshark to crash, leading to a denial of service...

CVSS 7.5 · AI score 5.2 · EPSS 0.00022
Exploits: 1 · References: 5

RedhatCVE
added 2026/01/09 9:53 a.m. · 3 views

CVE-2020-10800

lix through 15.8.7 allows man-in-the-middle attackers to execute arbitrary code by modifying the HTTP client-server data stream so that the Location header is associated with attacker-controlled executable content in the postDownload field...

CVSS 8.1 · AI score 7.7 · EPSS 0.0041
Exploits: 0 · References: 1

RedhatCVE
added 2025/11/27 7:5 a.m. · 3 views

CVE-2025-64334

A flaw was found in Suricata. This vulnerability allows unbounded memory growth during decompression via compressed HTTP data...

CVSS 7.5 · AI score 6.5 · EPSS 0.00057
Exploits: 0 · References: 5

Fedora
added 2025/10/27 1:19 a.m. · 4 views

[SECURITY] Fedora 41 Update: squid-6.14-1.fc41

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

CVSS 10 · AI score 6.9 · EPSS 0.16244
Exploits: 3

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2018-14782

Malware in sbrugna...

CVSS 4.3 · AI score 5.2 · EPSS 0.00223
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-14712

Malware in sbrugna...

CVSS 6.5 · AI score 6.9 · EPSS 0.00301
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2018-14713

Malware in sbrugna...

CVSS 5.3 · AI score 5.9 · EPSS 0.00564
Exploits: 0 · References: 4

SUSE CVE
added 2025/05/08 11:40 a.m. · 2 views

SUSE CVE-2025-46569

Open Policy Agent OPA is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a singl...

CVSS 8.3 · AI score 7.9 · EPSS 0.00064
Exploits: 0 · References: 5

Snyk
added 2025/05/01 8:41 p.m. · 1 view

Incorrect Authorization

Overview github.com/open-policy-agent/opa/server is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack. Affected versions of this package are vulnerable to Incorrect Authorization via the HTTP Data API. An attacker can...

CVSS 8.5 · AI score 7.2 · EPSS 0.00064
Exploits: 0 · References: 2

Snyk
added 2025/05/01 8:41 p.m. · 1 view

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the HTTP Data API. An attacker can manipulate the Rego code within the query to either cause the server to perform unintended actions or to consume excessive resources, leading to a Denial of Service DoS. Not...

CVSS 8.5 · AI score 7.2 · EPSS 0.00064
Exploits: 0 · References: 2

NVD
added 2025/05/01 8:15 p.m. · 13 views

CVE-2025-46569

Open Policy Agent OPA is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a singl...

CVSS 7.4 · EPSS 0.00064
Exploits: 0 · References: 2

OSV
added 2025/05/01 7:32 p.m. · 4 views

CVE-2025-46569 OPA server Data API HTTP path injection of Rego

Open Policy Agent OPA is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a singl...

CVSS 7.4 · AI score 7.8 · EPSS 0.00064
Exploits: 0 · References: 4

Vulnrichment
added 2025/05/01 7:32 p.m. · 5 views

CVE-2025-46569 OPA server Data API HTTP path injection of Rego

Open Policy Agent OPA is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a singl...

CVSS 7.4 · AI score 6.6 · EPSS 0.00064
Exploits: 0 · References: 2

CVE
added 2025/05/01 7:32 p.m. · 206 views

CVE-2025-46569

Summary: CVE-2025-46569 affects Open Policy Agent (OPA) prior to 1.4.0 when run as a server. A HTTP Data API path can be crafted to inject Rego code into the constructed query, enabling potential oracle attacks, incorrect policy decisions, and a DoS via expensive evaluation. Impact: high (policy ...

CVSS 7.4 · AI score 6.6 · EPSS 0.00064
Exploits: 0 · References: 2

Positive Technologies
added 2025/05/01 12:0 a.m. · 2 views

PT-2025-18710 · Unknown · Open Policy Agent

Name of the Vulnerable Software and Affected Versions: Open Policy Agent OPA versions prior to 1.4.0 Description: The issue concerns the Open Policy Agent OPA, a general-purpose policy engine. In versions prior to 1.4.0, when run as a server, OPA exposes an HTTP Data API. A crafted HTTP request...

CVSS 7.4 · AI score 8 · EPSS 0.00064
Exploits: 0 · References: 15

CNNVD
added 2025/03/20 12:0 a.m. · 2 views

phpIPAM Security Vulnerability

phpIPAM is the phpIPAM open source suite of open source PHP and MySQL based IP address management applications IPAM. A security vulnerability exists in phpIPAM versions 1.5.0 through 1.6.0 that stems from the application including HTTP request data in an insecure manner in the response when it is...

CVSS 6.1 · AI score 4.4 · EPSS 0.00144
Exploits: 1 · References: 3

Debian CVE
added 2024/11/27 12:4 p.m. · 14 views

CVE-2024-42328

When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curl_write_cb when receiving data. If the server's response is an empty document, then wd->data in the code below will remain NULL and an attempt to read from it will...

CVSS 5.5 · AI score 4.6 · EPSS 0.00068
Exploits: 0

CNNVD
added 2024/04/26 12:0 a.m. · 1 view

Hanwha Vision NVR and DVR Security Vulnerability

Hanwha Vision NVR and Hanwha Vision DVR are both products of Hanwha Vision, a South Korean company. Hanwha Vision NVR is a series of network video recorder devices. Hanwha Vision DVR is a series of digital video recorder devices. Hanwha Vision NVRs and DVRs are vulnerable to a security flaw that...

CVSS 8.9 · AI score 8.3 · EPSS 0.01016
Exploits: 0 · References: 2

OpenVAS
added 2023/11/03 12:0 a.m. · 8 views

Fedora: Security Advisory for squid (FEDORA-2023-df4923cddc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 · References: 2

CNNVD
added 2023/10/17 12:0 a.m. · 1 view

IBM Security Verify Privilege Manager Security Vulnerability

IBM Security Verify Privilege Manager is a security management software from International Business Machines IBM for endpoint privilege management and application control in corporate environments. The software stops unintentional downloads of malware and ransomware from attacking applications by...

CVSS 5.3 · AI score 6 · EPSS 0.00079
Exploits: 0 · References: 3