EUVD-2025-198362

A vulnerability exists in the Opto22 Groov Manage REST API on GRV-EPIC and groov RIO Products that allows remote code execution with root privileges. When a POST request is executed against the vulnerable endpoint, the application reads certain header details and unsafely uses these values to bui...

EUVD-2020-11520

Malware in sbrugna...

EUVD-2024-32371

Malicious code in bioql PyPI...

CVE-2025-58058

CVE-2025-58058 — xz (Go) memory allocation issue : The xz library (Go implementation) prior to 0.5.14 can allocate the full LZMA decoding buffer immediately after reading the header, before detecting improper data prepending to the stream. The LZMA header lacks a mandatory magic/checksum to catch...

CVE-2024-51139

Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5....

CVE-2024-3799 Shell command injection in Phoniebox

Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...

CVE-2024-3799

CVE-2024-3799 describes an insecure handling of POST header body in Phoniebox that allows an attacker to craft a webpage which, when visited by a user, causes the user’s browser to send malicious requests to hosts on the local network, potentially triggering shell command execution on the vulnera...

CVE-2024-3799 Shell command injection in Phoniebox

Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...

CVE-2023-4687 PageLayer < 1.7.7 - Unauthenticated Stored XSS

The Page Builder: Pagelayer WordPress plugin before 1.7.7 doesn't prevent unauthenticated attackers from updating a post's header or footer code on scheduled posts...

WordPress plugin Page Builder: Pagelayer Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

SUSE CVE-2010-2519

Heap-based buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file...

CVE-2020-19616

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post header field to /post/editing...

Cross site scripting

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post header field to /post/editing...

CVE-2020-19616

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post header field to /post/editing...

PHP 5.4.0RC6 Denial Of Service

No description provided by source. ?php / This script generates a POST header that makes PHP 5.4.0RC6 64 bit try to execute code at 0x1111111111111111 C Copyright 2012 Stefan Esser PHP 5.3.9 requires you to know the address of a writable address filled with NULL. 32bit requires you to create a fa...

PHP 5.4.0RC6 64bit Denial of Service

Exploit for php platform in category dos / poc RHEL, CentOS gdb c Continuing. Program received signal SIGSEGV, Segmentation fault. 0x00007fd959ca5f9d in zendhashindexupdateornextinsert ht=0x7fd96480d508, h=0, pData=0x7fff75c47bd0, nDataSize=8, pDest=0x7fff75c47bc8, flag=1,...

miniweb-dos.txt

MiniWeb Http Server 0.8.x Remote Denial of Service MiniWeb site http://sourceforge.net/projects/miniweb/ Author: gbr Tested running the server under Windows XP SP2 Description: The server doesn't do a sanity-check on 'Content-Length' value from POST Header, allowing the attacker to control the...

MiniWeb HTTP Server 0.8.x - Remote Denial of Service

MiniWeb HTTP Server 0.8.x - Remote Denial of Service MiniWeb Http Server 0.8.x Remote Denial of Service MiniWeb site http://sourceforge.net/projects/miniweb/ Author: gbr Tested running the server under Windows XP SP2 Description: The server doesn't do a sanity-check on 'Content-Length' value from...