CVE-2022-1705

Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid...

golang: net/http: improper sanitization of Transfer-Encoding header

A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid...

golang: net/http: improper sanitization of Transfer-Encoding header

A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid...

golang: net/http: improper sanitization of Transfer-Encoding header

A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid...

CVE-2022-31081

HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...

GHSA-G48F-FF5H-5F64 Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop

Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file...

nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS

A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBDOPTSTRUCTUREDREPLY before proxying everything else a client sends to the server, potentially leading the client to terminat...

Google Tensorflow 代码问题漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow has a code issue vulnerability that stems from the simplifyBroadcast function in the MLIR-TFRT infrastructure in TensorFlow being prone to segmentation errors. No detailed...

Mageia: Security Advisory (MGASA-2014-0006)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Node.js: Node.js Certificate Verification Bypass via String Injection

This is a report on behalf of Google, who did not want to report through H1. --- Summary Node’s APIs for reporting certificate fields are ambiguous and allow bypassing certificate verification in some circumstances. Details In light of CVE-2021-3712, I’ve been looking at code which misuses...

SonicWall SMA100 has an unspecified vulnerability

The Sonicwall SMA100 is a secure access gateway appliance from Sonicwall, Inc. A security vulnerability exists in the SonicWall SMA100 that could be exploited by an unauthenticated remote attacker to bypass firewall rules by using the SMA100 as an unexpected proxy or intermediate undetectable pro...

OESA-2021-1399 mutt security update

Mutt is a small but very powerful text-based mail client for Unix operating systems. Security Fixes: Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.CVE-2020-14154...

in livehelperchat/livehelperchat

Description Sensitive data on the application can be exposed after the user logout Proof of Concept 1 Login to the application demo.livehelperchat.com/siteadmin/ 2 Go to page like My Account , or Any other page 3 Click logout 4 Click browser back button Impact When a user logs out without closing...

EulerOS 2.0 SP2 : freerdp (EulerOS-SA-2021-2370)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in updatereadiconinfo. It allows reading a attacker-defined amount...

Google TensorFlow 代码问题漏洞

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow versions prior to 2.6.0. The vulnerability stems from the MLIR optimization of the L2NormalizeReduceAxis operator. An attacker can exploit the vulnerability to cause a...

@alex.garcia/oak (>=0.0.17 <=0.0.19), @apify/better-sqlite3-prebuilds (=7.1.1) +195 more potentially affected by CVE-2021-32803 via tar (>=4.0.1 <=4.4.13)

tar NPM version =4.0.1, =0.0.17, =0.0.1, =0.2.0, =0.2.0, =3.0.7, =3.0.6, =1.4.0, =1.0.0, =1.0.0-alpha.1, =1.10.9-beta, =1.0.0, =1.1.4, =2.1.0, =2.2.0 and more Source cves: CVE-2021-32803 Source advisory: OSV:GHSA-R628-MHMH-QJHW...

Juniper Networks Junos OS Evolved 代码问题漏洞

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. Junos OS Evolved suffers from a code issue vulnerability that stems from a device configured with the ISIS Flexibility Algorithm for segmented routing and sensor-based statistics, where a single flap in an ISI...

OPENSUSE-SU-2021:1762-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

UBUNTU-CVE-2021-36087

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmapmatchany called indirectly from cilcheckneverallow. This occurs because there is sometimes a lack of checks for invalid statements in an optional block...

SELinux 资源管理错误漏洞

SELinux is a Linux subsystem from the National Security Agency that uses a secure architecture that allows administrators to better control who has access to the system. A security vulnerability exists in SELinux version 3.2, which stems from a use-after-free in the SELinux CIL compiler in the...