7607 matches found
EUVD-2022-37704
Malicious code in bioql PyPI...
EUVD-2022-41815
Malicious code in bioql PyPI...
EUVD-2024-43247
Malicious code in bioql PyPI...
EUVD-2022-42852
Malicious code in bioql PyPI...
EUVD-2024-19373
Malicious code in bioql PyPI...
EUVD-2022-41309
Malicious code in bioql PyPI...
EUVD-2022-35972
Malicious code in bioql PyPI...
EUVD-2024-33140
Malicious code in bioql PyPI...
EUVD-2025-8955
Malicious code in bioql PyPI...
CLSA-2025-1759497192 perl-CPAN: Fix of CVE-2023-31484
CVE-2023-31484: verify TLS certificates when downloading distributions over HTTPS...
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplie
...
CLSA-2025-1758821935 perl-CPAN: Fix of 2 CVEs
CVE-2023-31484: verify TLS certificates when downloading distributions over HTTPS - CVE-2020-16156: fix Signature Verification Bypass...
FreeBSD : dnsdist -- Denial of service via crafted DoH exchange (c2253bff-9952-11f0-b6e2-6805ca2fa271)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c2253bff-9952-11f0-b6e2-6805ca2fa271 advisory. [email protected] reports: In some circumstances, when DNSdist is configured to use the nghttp2...
GHSA-2JJV-QF24-VFM4
creationtimestamp| type| source ---|---|--- 2025-09-24 19:49:37+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115261005955876055...
jetty: HTTP/2 (including DNS over HTTPS) contains a design flaw and is vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames
A flaw was found in Jetty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
RHEL 9 : Red Hat Product OCP Tools 4.17 OpenShift Jenkins (RHSA-2025:16456)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16456 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron...
PT-2025-38924
Name of the Vulnerable Software and Affected Versions PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection versions through 1.4.3 Description A Cross-Site Request Forgery CSRF issue exists in PressPage Entertainment Inc Mavis HTTPS to HTTP Redirection, which also allows Stored Cross-Site...
SUSE CVE-2025-30187
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...
DEBIAN-CVE-2025-30187
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...
CVE-2025-30187
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...