EUVD-2022-5209

Malicious code in bioql PyPI...

CVE-2024-7246

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

Jenkins—a popular open-source automation server software—published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed. Tracked as CVE-2019-17638, the flaw has a CVSS rating of...

Web Server HTTP Header Internal IP Disclosure

This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation NAT Firewall or proxy server. There is a known issue with Microsoft IIS 4.0 doing this in its default configuration. This may also affect other web servers, web applications, web proxies,...