CVE-2025-3112
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length header to the webserver...
CVE-2025-3116
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller...
CVE-2025-3112
CVE-2025-3112 describes an Uncontrolled Resource Consumption vulnerability in Schneider Electric Modicon Controllers (M241/M251/M258/LMC058/M262 family). The issue arises from handling an authenticated user-supplied manipulated HTTPS Content-Length header, enabling a Denial of Service. The CVSS m...
CVE-2025-3898
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type to the webserver...
PT-2025-24627 · Schneider Electric · Modicon Controllers M241/M251 +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Denial of Service issue exists due to improper input validation. This occurs when an authenticated malicious user sends a special malformed HTTPS request containing improperly formatted bo...
OESA-2025-1612 cpp-httplib security update
A C++11 single-file header-only cross-platform HTTP/HTTPS library. It's extremely easy to set up. Just include the httplib.h file in your code! Security Fixes: cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size...
MAL-2025-4644 Malicious code in https-parse (npm)
Source: ghsa-malware (ef1ec069afa771aee14fdc9cedd50a8db0d66030e38f15897a5816782e20a892). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
HTTPS access to NetScaler Console is failed after installing a new certificate
HTTPS access to NetScaler Console failed after installing a new certificate from GUI System -> Administration -> Install SSL Certificate in NetScaler Console...
SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2025:01787-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01787-1 advisory. Update to version 9.20.9. - Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure...
SUSE-SU-2025:01787-1 Security update for bind
This update for bind fixes the following issues: Update to version 9.20.9. Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure caused by the processing of a NS message with an invalid TSIG (bsc#1243361). CVE-2024-12705: CPU and memory exhaustion due to DNS-over-HTTPS...
Debian: Security Advisory (DSA-5927-1)
The remote host is missing an update for the Debian...
PT-2025-23063
Name of the Vulnerable Software and Affected Versions: libcurl (affected versions not specified). Description: The issue arises from an omission in libcurl's support for pinning the server certificate public key for HTTPS transfers when using QUIC for HTTP/3 with the wolfSSL TLS backend. Although the...
Fedora: Security Advisory (FEDORA-2024-791faa660a)
The remote host is missing an update for the...
CVE-2024-47871
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP (Fast Reverse Proxy) client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and rea...
CVE-2024-47530
Scout is a web-based visualizer for VCF files. An open redirect vulnerability allows phishing attacks on users by redirecting them to a malicious page. The /login API endpoint is vulnerable to an open redirect attack via the next parameter due to the absence of sanitization logic. Additionally, due to lac...
CVE-2024-27909
A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot...