Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/06/16 5:36 p.m.80 views

vLLM: OpenAI auth bypass

Summary A vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware, which was discovered during @x41sec's source code audit. It allows to use the API without providing the configured VLLMAPIKEY or...

9.1CVSS5.5AI score0.0086EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/09/20 1:15 p.m.3 views

ALPINE-CVE-2023-3341

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...

7.5CVSS7AI score0.02626EPSS
Exploits0References1
OSV
OSV
added 2023/09/20 1:15 p.m.2 views

DEBIAN-CVE-2023-3341

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...

7.5CVSS6.7AI score0.02626EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/20 12:0 a.m.2 views

PT-2023-5449 · Isc +12 · Bind 9 +12

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.2.0 through 9.16.43 BIND 9 versions 9.18.0 through 9.18.18 BIND 9 versions 9.19.0 through 9.19.16 BIND 9 versions 9.9.3-S1 through 9.16.43-S1 BIND 9 versions 9.18.0-S1 through 9.18.18-S1 Description: The code that processes...

7.8CVSS6.5AI score0.99995EPSS
Exploits1References151
Rows per page
Query Builder