
3718 matches found

Tenable Nessus
added 2026/03/10 12:0 a.m. | 51 views

Multiple Cisco Products Snort 3 DoS Vulnerabilities (cisco-sa-snort3-multi-dos-XFWkWSwz_CVE-2026-20067)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in ...

CVSS 5.8 | AI score 5.8 | EPSS 0.00475
Exploits: 0 | References: 17

Tenable Nessus
added 2026/03/08 12:0 a.m. | 7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-005911)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005911 advisory. Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header...

CVSS 7.5 | AI score 6.6 | EPSS 0.00371
Exploits: 0 | References: 4

Vulnrichment
added 2026/03/06 2:54 a.m. | 4 views

CVE-2026-29046 TinyWeb: HTTP Header Control Character Injection into CGI Environment

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI environment variables HTTP. The parser did not strictly reject dangerous control characters in header lines and header values, including CR, L...

CVSS 9.2 | AI score 5.8 | EPSS 0.00387
Exploits: 1 | References: 2

Amazon
added 2026/03/06 12:0 a.m. | 4 views

Medium: python

Issue Overview: When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized. CVE-2025-11468 User-controlled...

CVSS 6 | AI score 5.9 | EPSS 0.0055
Exploits: 0

Snyk
added 2026/03/05 9:30 p.m. | 3 views

HTTP Header Injection

Overview @perfood/couch-auth is an Easy and secure authentication for CouchDB/Cloudant. Based on SuperLogin, updated and rewritten in Typescript. Affected versions of this package are vulnerable to HTTP Header Injection via the mailer component. An attacker can gain unauthorized access to reset...

CVSS 9.3 | AI score 5.8 | EPSS 0.00352
Exploits: 0 | References: 2

OSV
added 2026/03/04 8:16 p.m. | 4 views

UBUNTU-CVE-2026-28434

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via set_exception_handler, the library catches the exception and writes its message...

CVSS 5.3 | AI score 5.6 | EPSS 0.003
Exploits: 1 | References: 4

NVD
added 2026/03/04 6:16 p.m. | 10 views

CVE-2026-20067

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

CVSS 5.8 | EPSS 0.00475
Exploits: 0 | References: 1

Vulnrichment
added 2026/03/04 5:49 p.m. | 4 views

CVE-2026-20067 Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

CVSS 5.8 | AI score 6 | EPSS 0.00475
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/04 5:49 p.m. | 3 views

CVE-2026-20067

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

CVSS 5.8 | AI score 6 | EPSS 0.00475
Exploits: 0 | References: 2 | Affected Software: 3

Tenable Nessus
added 2026/03/04 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection...

CVSS 6.4 | AI score 5.9 | EPSS 0.00206
Exploits: 1 | References: 3

Tenable Nessus
added 2026/03/04 12:0 a.m. | 4 views

SUSE SLES12 Security Update : python3 (SUSE-SU-2026:0645-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0645-1 advisory. - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters (bsc#1257029). -...

CVSS 6 | AI score 7.2 | EPSS 0.0055
Exploits: 0 | References: 19

OSV
added 2026/03/03 1:5 p.m. | 4 views

SUSE-SU-2026:0767-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters (bsc#1257029). - CVE-2025-12781: inadequate parameter check can cause data integrity issues (bsc#1257108). - CVE-2025-1528...

CVSS 6.3 | AI score 6 | EPSS 0.0055
Exploits: 1 | References: 15

OSV
added 2026/02/27 8:21 p.m. | 5 views

UBUNTU-CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

CVSS 6.4 | AI score 5.9 | EPSS 0.00206
Exploits: 1 | References: 3

UbuntuCve
added 2026/02/27 8:21 p.m. | 5 views

CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

CVSS 6.4 | AI score 6 | EPSS 0.00206
Exploits: 1 | References: 2

Vulnrichment
added 2026/02/27 7:44 p.m. | 5 views

CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

CVSS 6.4 | AI score 6 | EPSS 0.00206
Exploits: 1 | References: 1

EUVD
added 2026/02/27 7:44 p.m. | 6 views

EUVD-2026-9056

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

CVSS 6.4 | AI score 6 | EPSS 0.00206
Exploits: 1 | References: 1

SUSE Linux
added 2026/02/27 3:14 p.m. | 6 views

Security update for python311

This update for python311 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters (bsc#1257029). CVE-2025-12781: inadequate parameter check can cause data integrity issues (bsc#1257108). CVE-2025-15282:...

CVSS 8.7 | AI score 6 | EPSS 0.0055
Exploits: 1 | References: 28

SUSE Linux
added 2026/02/26 3:7 p.m. | 8 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-32049: denial of service attack to websocket server (bsc#1240751). CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources (bsc#1258120). CVE-2026-2443: out-of-bounds read when processing specially crafted...

CVSS 8.3 | AI score 5.7 | EPSS 0.00728
Exploits: 1 | References: 16

OSV
added 2026/02/26 10:25 a.m. | 7 views

CLSA-2026-1772101499 httpd: Fix of CVE-2024-42516

CVE-2024-42516: fix HTTP response splitting by reordering header validation to occur after full response header assembly...

CVSS 7.5 | AI score 7.1 | EPSS 0.00679
Exploits: 0 | References: 1

SUSE Linux
added 2026/02/25 4:28 p.m. | 4 views

Security update for python312

This update for python312 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters (bsc#1257029). CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...

CVSS 8.7 | AI score 5.5 | EPSS 0.0055
Exploits: 0 | References: 24