
11 matches found

RedHat Linux
added 2026/06/22 5:29 a.m., 11 views

kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state

A flaw was found in the Linux kernel's libceph OSD client. When a connection fault occurs during a sparse read, the sparse-read state is not properly reset. This allows a misbehaving or compromised Ceph OSD server, or a network adversary, to disrupt traffic. As a result, the client can misinterpr...

7.5 CVSS, 5.8 AI score, 0.0028 EPSS
Exploits 0, References 5
NVD
added 2024/01/08 2:15 p.m., 12 views

CVE-2023-51701

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with @fastify/reply-from could misinterpret the incoming body by passing a header ContentType: application/json ; charset=utf-8. This can lead to bypass of security checks...

7.5 CVSS, 6 AI score, 0.00479 EPSS
Exploits 0, References 2
OSV
added 2024/01/08 1:55 p.m., 23 views

CVE-2023-51701 @fastify-reply-from JSON Content-Type parsing confusion

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with @fastify/reply-from could misinterpret the incoming body by passing a header ContentType: application/json ; charset=utf-8. This can lead to bypass of security checks...

5.3 CVSS, 7.4 AI score, 0.00479 EPSS
Exploits 0, References 4
RedHat Linux
added 2023/11/29 12:12 p.m., 4 views

haproxy: Proxy forwards malformed empty Content-Length headers

A flaw was found in HAProxy. Empty Content-Length headers are forwarded, which could cause an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases...

7.2 CVSS, 5.7 AI score, 0.01815 EPSS
Exploits 1, References 4
Tenable Nessus
added 2023/11/06 12:0 a.m., 32 views

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:1819)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1819 advisory. - Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm...

9.8 CVSS, 7.1 AI score, 0.10299 EPSS
Exploits 0, References 16
Tenable Nessus
added 2022/06/17 12:0 a.m., 40 views

EulerOS 2.0 SP5 : golang (EulerOS-SA-2022-1890)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to...

7.5 CVSS, 7.4 AI score, 0.05335 EPSS
Exploits 1, References 4
OSV
added 2022/02/11 1:15 a.m., 29 views

CVE-2022-23773

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags...

7.5 CVSS, 6.5 AI score
Exploits 0, References 4
Debian CVE
added 2022/02/11 12:16 a.m., 42 views

CVE-2022-23773

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags...

7.5 CVSS, 8.5 AI score, 0.02698 EPSS
Exploits 0
Cvelist
added 2022/02/11 12:16 a.m., 24 views

CVE-2022-23773

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags...

8.5 AI score, 0.02698 EPSS
Exploits 0, References 4
CNNVD
added 2021/09/14 12:0 a.m., 7 views

SAP Web dispatcher environment issue vulnerability

SAP Web dispatcher is a core component of Load Balancing from SAP, which supports load balancing and provides reverse proxy functionality to enable external network users to access internal applications. A security vulnerability exists in SAP Web Dispatcher that allows an attacker to submit a...

9.4 CVSS, 8.4 AI score, 0.02601 EPSS
Exploits 2, References 8
Debian CVE
added 2020/12/02 4:20 p.m., 35 views

CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution...

5.3 CVSS, 7.1 AI score, 0.08665 EPSS
Exploits 1