Lucene search

12 matches found

NVD
added 2026/04/21 3:16 p.m. | 1 view

CVE-2025-31958

HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end...

CVSS 8.2 | EPSS 0.00041
Exploits: 0 | References: 1
Snyk
added 2026/03/09 10:39 p.m. | 1 view

Server-side Request Forgery (SSRF)

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via inconsistent URL parsing between the validation layer and the HTTP client in the loadfromurl and loadfromurlasy...

CVSS 9.8 | AI score 5.8 | EPSS 0.00028
Exploits: 1 | References: 2
OSV
added 2025/06/26 9:31 p.m. | 3 views

GHSA-R995-Q44H-HR64 Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5 | AI score 6.9 | EPSS 0.00257
Exploits: 0 | References: 5
RubySec
added 2025/06/26 12:0 a.m. | 10 views

Ruby WEBrick read_headers method can lead to HTTP Request/Response Smuggling

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5 | AI score 7 | EPSS 0.00257
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2025/06/25 4:52 p.m. | 4 views

CVE-2025-6442 Ruby WEBrick read_header HTTP Request Smuggling Vulnerability

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5 | EPSS 0.00257
Exploits: 0 | References: 2
Vulnrichment
added 2024/11/07 12:0 a.m. | 13 views

CVE-2024-51434

Inconsistent tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier...

AI score 6.2 | EPSS 0.005
Exploits: 0 | References: 1
CNNVD
added 2024/02/01 12:0 a.m. | 2 views

Bref Security Vulnerabilities

Bref is an open source project by Matthieu Napoli Individual Developer that helps you go serverless on AWS using PHP. A security vulnerability exists in versions prior to Bref 2.1.13 that stems from inconsistent parsing of body text by the Bref and Event-Driven functions...

CVSS 9.8 | AI score 6.8 | EPSS 0.00227
Exploits: 1 | References: 3
OSV
added 2023/08/31 12:30 a.m. | 25 views

GHSA-R285-Q736-9V95 Filename spoofing in archive

An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing...

CVSS 7.8 | AI score 7.4 | EPSS 0.00047
Exploits: 1 | References: 7
OSV
added 2023/08/30 10:15 p.m. | 13 views

CVE-2023-39137

An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing...

CVSS 7.8 | AI score 7
Exploits: 0 | References: 4
NVD
added 2023/08/30 10:15 p.m. | 6 views

CVE-2023-39137

An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing...

CVSS 7.8 | AI score 7.5 | EPSS 0.00047
Exploits: 1 | References: 4
Prion
added 2023/08/30 10:15 p.m. | 9 views

Design/Logic Flaw

An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing...

CVSS 4.4 | AI score 7.4 | EPSS 0.00047
Exploits: 1 | References: 4 | Affected Software: 1
Tenable Nessus
added 2012/08/14 12:0 a.m. | 30 views

Debian DSA-2527-1 : php5 - several vulnerabilities

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2012-2688 A buffer overflow in the scandir function could lead to denial of service or the execution of arbitrary code. -...

CVSS 10 | AI score 8.7 | EPSS 0.32676
Exploits: 1 | References: 6