46 matches found
DEBIAN-CVE-2021-21299
hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0.13.10 and 0.14.3 there is a vulnerability that can enable a request smuggling attack. The HTTP server code had a flaw that incorrectly understands some requests with multiple...
[SECURITY] Fedora 32 Update: wireshark-3.2.7-1.fc32
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
HashiCorp Terraform Encryption Issues Vulnerabilities
HashiCorp Terraform is an open source tool for provisioning and managing cloud infrastructure from HashiCorp, USA. An encryption issue vulnerability exists in HashiCorp Terraform versions prior to 0.12.17 that stems from the program's use of HTTP to transfer sensitive information, which can be...
Code injection
The upgrade package of the Huawei Vmall app in versions earlier than HwVmall 1.5.3.0 is transferred through HTTP. A man-in-the-middle (MITM) attacker can tamper with the upgrade package of the Huawei Vmall app and implant malicious applications...
Photo Manager Pro 4.4.0 iOS - Code Execution
Document Title: Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1444; Release Date: 2015-03-10; Vulnerability Laboratory ID (VL-ID): ...
Apache2 PHP Component Chunked Transfer Encoding Policy Bypass (CVE-2013-5705; CVE-2018-17082)
A cross-site scripting vulnerability exists in Apache2 PHP component. The vulnerability is due to improper comparison of the user supplied input of the HTTP Transfer-encoding header field. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to sen...