DEBIAN-CVE-2026-8159

[email protected] and lower versions are vulnerable to denial of service via regular expression backtracking in the Content-Disposition filename parameter parser. A crafted multipart upload with a long header value can cause regex matching to take seconds, blocking the event loop. Impact: any...

AZL-43018 CVE-2024-29038 affecting package tpm2-tools for versions less than 4.3.2-2

tpm2-tools is the source repository for the Trusted Platform Module TPM2.0 tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This issue was patched in version 5.7...

Flask-AppBuilder Security Vulnerability

Flask-AppBuilder is a simple and fast application development framework. A security vulnerability exists in Flask-AppBuilder versions prior to 4.3.11 that originates when Flask AppBuilder is set to AUTHTYPE AUTHOID, which allows an attacker to spoof an HTTP request to spoof the back-end OpenID...

ZeroMQ 资源管理错误漏洞

0MQ ZeroMQ is 0MQ an open source application . Provides sockets that can carry atomic messages across a variety of transports e.g., intra-process, inter-process, TCP, and multicast. A resource management error vulnerability exists in versions of ZeroMQ prior to 4.3.3, which can be exploited by an...

UBUNTU-CVE-2017-6458

Multiple buffer overflows in the ctlput functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable...