12 matches found
PT-2026-48677
Axios is a promise-based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, axios exposes two read-side prototype-pollution gadgets. When Object.prototype is polluted by an upstream dependency in the same process (e.g. lodash _.merge / CVE-2018-16487), axios silently picks up the...
HAXcms with nodejs backend Security Vulnerability
HAXcms with nodejs backend is an open source backend management system from HAX The Web. A security vulnerability exists in HAXcms with nodejs backend version 11.0.8 and earlier, which stems from mishandling of API request exceptions and could lead to a denial of service attack...
CVE-2025-25289
@octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long...
The vulnerability of cloud-based data storage software for IBM Watson CP4D Data Stores lies in HTTP request processing errors, which allow attackers to compromise data integrity.
The vulnerability of cloud-based data storage software from IBM Watson CP4D Data Stores relates to errors in handling HTTP requests. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of data...
The vulnerability of the ajaxArchiveFiles.php component, a utility for managing the configuration of rConfig network devices, allows an attacker to execute arbitrary commands on the target system.
The vulnerability of the ajaxArchiveFiles.php component, a utility for managing the configuration of rConfig network devices, is related to errors in handling HTTP requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the target system by sending...
The vulnerability of Web servers Embedthis GoAhead and Embedthis Appweb, related to HTTP request processing errors, allows attackers to trigger service interruptions.
The vulnerability of Embedthis GoAhead and Embedthis Appweb web servers is related to HTTP request processing errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the Microsoft Common Object Runtime Library on the Microsoft .NET Framework software platform allows a perpetrator to cause a service failure.
The vulnerability of the Microsoft Common Object Runtime Library in the Microsoft .NET Framework is related to errors in handling web requests. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted requests...
IBM Connections Information Disclosure Vulnerability (CNVD-2018-26361)
IBM Connections is a suite of social software platforms from IBM in the United States. The platform provides advanced analytics and real-time data monitoring capabilities, and accelerates web collaboration within and outside the organization through IBM SmartCloud services. An information...
CVE-2018-1935
IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to obtain sensitive information from invalid request error messages. IBM X-Force ID: 153315...
cups: multiple issues
CVE-2015-1158 (arbitrary code execution, privilege escalation): An issue with how localized strings are handled in cupsd allows a reference counter to over-decrement when handling certain print job request errors. As a result, an attacker can prematurely free an arbitrary string of global scope,...
cups security and bug fix update
1:1.4.2-67 - Revert change to whitelist /rss/ resources, as this was not used upstream. 1:1.4.2-66 - More STR 4461 fixes from upstream: make rss feeds world-readable, but cachedir private. - Fix icon display in web interface during server restart STR 4475. 1:1.4.2-65 - Fixes for upstream patch fo...
Google Plugs High-Risk Holes in Chrome Browser
Google has released version 4.1.249.1059 of Chrome for Windows, a security update that addresses four high-risk vulnerabilities in its WebKit-based browser. These vulnerabilities are: a memory corruption issue in Chrome’s V8 JavaScript Engine, type confusion errors with forums, cross-site scripti...