25 matches found
PyJWT: Unauthenticated DoS via unbounded Base64URL decoding of unused payload segment in b64=false detached JWS
Note: Practical impact depends on whether request body-size limits are enforced upstream (proxy/web-server/framework). Deployments with typical body-size caps ≤2 MB bound the amplifier significantly; deployments accepting larger token inputs are more exposed. When verifying detached JWS tokens usin...
CVE-2026-52722
GStreamer VMnc decoder in gstreamer1-plugins-bad-free contains a signed integer overflow in cursor payload handling. A crafted VMnc stream with large cursor dimensions can cause signed payload-size arithmetic overflow, bypass a length check, and lead to out-of-bounds reads. This may allow a remot...
CVE-2026-45565 Roxy-WI: EscapedString validator skips its '..' block when stripping (root cause for several path-traversal/RCE vectors)
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString (app/modules/roxywi/classmodels.py:16-30) is the centralised Pydantic validator used on dozens of fields including SSH credential name, username, description, etc. Its...
Exim security vulnerability
Exim is an open-source message transfer agent (MTA) developed by Exim Software, running on Unix systems. It primarily handles the routing, forwarding, and delivery of emails. Versions of Exim from 4.88 to 4.99.4 contained security vulnerabilities. These vulnerabilities stemmed from improper handlin...
Microsoft Windows RRAS Integer Overflow
This Metasploit module simulates a remote exploitation attempt against a hypothetical integer overflow vulnerability in Windows RRAS, which could lead to a heap-based overflow and potential remote code execution...
USN-8131-1 gst-plugins-good1.0 vulnerabilities
It was discovered that GStreamer Good Plugins incorrectly handled certain X-QDM RTP payloads. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...
CVE-2026-3085
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
EUVD-2021-10100
Malware in sbrugna...
UBUNTU-CVE-2023-52989
In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch is fix for Linux kernel v2.6.33 or later. For request subaction to IEC 61883-1 FCP region, Linux FireWire subsystem have had an issue...
AZL-57078 CVE-2024-50609 affecting package fluent-bit for versions less than 3.1.9-3
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
php: Erroneous parsing of multipart form data
A flaw was found in PHP's parsing of multipart form data contents, which affects both file and input form data. This may lead to legitimate data not being processed, violating data integrity. For example, if a multipart form data payload contains a valid prefix 'X' of the defined boundary B such...
CVE-2022-34833
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component...
PT-2023-21810 · Qualcomm · Qualcomm Aqt1000
Name of the Vulnerable Software and Affected Versions: Qualcomm AQT1000 (affected versions not specified). Description: The issue is related to memory corruption that occurs while handling payloads from remote ESL. There is no information provided about the estimated number of potentially affected...
GO-2023-1600 Arbitrary code execution in github.com/kitabisa/teler-waf
Improper handling of payload with special characters, such as CR/LF and horizontal tab, can lead to execution of arbitrary JavaScript code...
USN-5877-1 linux-gke-5.15 vulnerabilities
Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake...
PYSEC-2021-100
FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable to a Cross-Site Request Forgery (CSRF) attack. I...
The vulnerability of the FortiOS operating system allows a perpetrator to disclose sensitive information or perform unauthorized user disconnection operations.
The vulnerability of the FortiOS operating system relates to an error in the handling of the Payload parameter and the lack of verification of request authenticity. Exploiting this vulnerability allows a malicious actor to perform cross-site request forgery against the /logindisconnect/currentadmi...
Microsoft Excel .SLK Payload Delivery
This module generates a download-and-execute PowerShell command to be placed in an .SLK Excel spreadsheet. When executed, it will retrieve a payload via HTTP from a web server. When the file is opened, the user will be prompted to "Enable Content." Once this is pressed, the payload will execute...
Mozilla: Use-after-free in IndexedDB
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox 62, Firefox ESR 60.2, and Thunderbird 60.2.1...
TCPDUMP ISAKMP Payload Handling DoS (CVE-2004-0183)
Tcpdump parses and displays, and optionally records, packets received on a network interface matching a user-provided filter. Two vulnerabilities exist in the Tcpdump ISAKMP payload handling module, which can be exploited to cause a DoS (Denial of Service) by sending packets with specially crafted...