CVE-2025-4600 HTTP Request Smuggling in Google Cloud Classic Application Load Balancer due to Improper Chunked Encoding Validation

A request smuggling vulnerability existed in the Google Cloud Classic Application Load Balancer due to improper handling of chunked-encoded HTTP requests. This allowed attackers to craft requests that could be misinterpreted by backend servers. The issue was fixed by disallowing stray data after ...

CVE-2025-44879

WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

Azure Linux 3.0 Security Update: httpd / mod_http2 (CVE-2023-25690)

The version of httpd / modhttp2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25690 advisory. - Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP...

D-Link DIR-859 < 1.07b03_beta Multiple Vulnerabilities (SAP10146, SAP10147)

D-Link DIR-859 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to gunicorn-22.0.0-py3-none-any.whl CVE-2024-6827. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6827 DESCRIPTION: Gunicorn version 21.2.0 does not properly...

CVE-2024-56523

Radware Cloud Web Application Firewall WAF before 2025-05-07 allows remote attackers to bypass firewall filters by placing random data in the HTTP request body when using the HTTP GET method...

Alibaba Cloud Linux 3 : 0180: git-lfs (ALINUX3-SA-2022:0180)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0180 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-28851: In x/text in Go 1.15.4, an...

CVE-2025-44879

WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2025-44879

WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

Alibaba Cloud Linux 3 : 0152: go-toolset:rhel8 (ALINUX3-SA-2022:0152)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0152 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-1705: Acceptance of some invalid...

Alibaba Cloud Linux 3 : 0096: squid:4 (ALINUX3-SA-2021:0096)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0096 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25097: An issue was discovered in Squid...

Alibaba Cloud Linux 3 : 0069: go-toolset:rhel8 (ALINUX3-SA-2021:0069)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0069 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-16276: Go before 1.12.10 and 1.13...

Alibaba Cloud Linux 3 : 0187: varnish:6 (ALINUX3-SA-2022:0187)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0187 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-45060: An HTTP Request Forgery issue was...

Alibaba Cloud Linux 3 : 0023: httpd:2.4 (ALINUX3-SA-2022:0023)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0023 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-22720: Apache HTTP Server 2.4.52 and earli...

CVE-2025-44879

CVE-2025-44879 concerns WS-WN572HP3 (V230525) with a buffer overflow in the file path "/www/cgi-bin/upload.cgi". The described impact is a Denial of Service (DoS) via a crafted HTTP request. Concrete details reported across multiple sources confirm the affected device and vulnerable component, wi...

Alibaba Cloud Linux 3 : 0165: nodejs:14 (ALINUX3-SA-2022:0165)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0165 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-32212: A OS Command Injection...

[SECURITY] [DSA 5918-1] varnish security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5918-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 13, 2025 https://www.debian.org/security/faq -...

Debian dsa-5918 : libvarnishapi-dev - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5918 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5918-1 [email protected] https://www.debian.org/security/ Moritz...

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that's designed to automatically detect the motherboard model of a...

CVE-2025-20196

A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service DoS condition. This...