SquirrelMail 跨站脚本漏洞

SquirrelMail is a cross-platform Webmail mail system developed by SquirrelMail using the PHP language. A security vulnerability exists in SquirrelMail versions 1.4.23-svn-20250401 and earlier and 1.5.2-svn-20250401 and earlier versions 1.5.x, which stems from improper handling of email headers an...

CVE-2025-23225 IBM MQ denial of service

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue...

OPENSUSE-SU-2019:2645-1 Security update for haproxy

This update for haproxy to version 2.0.10 fixes the following issues: HAProxy was updated to 2.0.10 Security issues fixed: - CVE-2019-18277: Fixed a potential HTTP smuggling in messages with transfer-encoding header missing the 'chunked' bsc1154980. - Fixed an improper handling of headers which...

Дырка в mail.local (mail from: shell)

В некоторых системах mail.local наботает как sgid mail или suid root. Некорректная обработка LMTP-заголовка mail from: позволяет выполнение shell-кода...