Tenda AC6 Denial of Service Vulnerability

Tenda AC6 is a dual-band wireless router from Tenda that supports IPv4 and IPv6 protocols and utilizes the 802.11ac/n wireless standard to provide a wireless transmission rate of 1167Mbps. A denial of service vulnerability exists in the Tenda AC6, which originates from a problem with the HTTP...

Linux Distros Unpatched Vulnerability : CVE-2022-28129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apach...

CVE-2025-30256

A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2025-1734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers...

Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞

Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are both products of Cisco, Inc.Cisco Secure Firewall Adaptive Cisco Secure Firewall Adaptive Security Appliance is an enterprise-class firewall software.Cisco Secure Firewall Threat Defense is an integrate...

CLSA-2025-1755112965 Fix of 5 CVEs

OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory...

openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1...

CVE-2025-32094

An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai...

PT-2025-32255 · Undefined · Undefined

CVE-2025-54978 - Apache HTTP Server HTTP Header Injection CVE ID : CVE-2025-54978 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.8+9 July 2025 CPU: Security fixes: CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598...

Security update for java-1_8_0-openj9

This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u462 build 08 with OpenJ9 0.53.0 virtual machine: CVE-2025-30749: several scenarios can lead to heap corruption Oracle CPU 2025-07 bsc1246595 CVE-2025-30754: incomplete handshake may lead to weakening TLS protections...

SUSE CVE-2024-23839

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.requestheader or http.responseheader keyword. The vulnerability has been...

CVE-2025-8129

A vulnerability, which was classified as problematic, was found in KoaJS Koa up to 3.0.0. Affected is the function back in the library lib/response.js of the component HTTP Header Handler. The manipulation of the argument Referrer leads to open redirect. It is possible to launch the attack...

CVE-2024-40686

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including...

GHSA-MVW6-62QV-VMQF Duplicate Advisory: Koa Open Redirect via Referrer Header (User-Controlled)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jgmv-j7ww-jx2x. This link is maintained to preserve external references. Original Description A vulnerability, which was classified as problematic, was found in KoaJS Koa up to 3.0.0. Affected is the function ba...

CVE-2025-8129

A vulnerability, which was classified as problematic, was found in KoaJS Koa up to 3.0.0. Affected is the function back in the library lib/response.js of the component HTTP Header Handler. The manipulation of the argument Referrer leads to open redirect. It is possible to launch the attack...

CVE-2025-8129 KoaJS Koa HTTP Header response.js back redirect

A vulnerability, which was classified as problematic, was found in KoaJS Koa up to 3.0.0. Affected is the function back in the library lib/response.js of the component HTTP Header Handler. The manipulation of the argument Referrer leads to open redirect. It is possible to launch the attack...

CVE-2025-8129

CVE-2025-8129 affects Koa (Koa up to v3.0.0). The vulnerability lies in lib/response.js where manipulation of Referrer can trigger an open redirect. Exploitation is remote and the exploit has been disclosed publicly. Remediation per public sources is to upgrade Koa to a version that contains the ...

PT-2025-30726

Name of the Vulnerable Software and Affected Versions Koa versions up to 3.0.0 Description A problematic issue exists in KoaJS Koa. The back function within the HTTP Header Handler component, located in lib/response.js, is susceptible to open redirect attacks through manipulation of the Referrer...

CVE-2024-40686

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including...