Lucene search
K

18 matches found

Github Security Blog
Github Security Blog
added 2026/05/06 9:38 p.m.11 views

Flight: HTTP method override enabled by default, facilitating CSRF escalation and middleware bypass

Summary Request::getMethod unconditionally honors the X-HTTP-Method-Override header and the $REQUEST'method' parameter on any HTTP verb including safe verbs such as GET, with no opt-in and no whitelist of permitted target methods. A GET request can silently become a DELETE or PUT, enabling CSRF...

7.5CVSS5.8AI score0.0031EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.7 views

smolagents 安全漏洞

smolagents is a basic library for agents, open-sourced by Hugging Face. Version 1.24.0 of smolagents contains a security vulnerability. This vulnerability stems from improper request handling in the LocalPythonExecutor component, which may lead to server-side request forgeing attacks...

9.8CVSS6.6AI score0.00379EPSS
Exploits1References5
OSV
OSV
added 2025/09/12 8:42 a.m.9 views

CLSA-2025-1757666519 xorg-x11-server: Fix of CVE-2025-49178

CVE-2025-49178: fix request handling flaw causing potential denial of service...

5.5CVSS6AI score0.00199EPSS
Exploits0References1
OSV
OSV
added 2025/09/12 7:33 a.m.8 views

CLSA-2025-1757662405 xorg-x11-server: Fix of CVE-2025-49178

CVE-2025-49178: fix request handling flaw causing potential denial of service...

5.5CVSS6AI score0.00199EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/07/07 12:25 p.m.3 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS5.7AI score0.00199EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/07 5:33 a.m.8 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS5.7AI score0.00199EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/07 2:49 a.m.10 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS5.7AI score0.00199EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/07 2:2 a.m.6 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS5.7AI score0.00199EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/07 1:25 a.m.6 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS5.7AI score0.00199EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/06/30 1:49 p.m.5 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS5.7AI score0.00199EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/06/23 1:31 a.m.4 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS5.7AI score0.00199EPSS
Exploits0References6
OSV
OSV
added 2025/06/17 3:15 p.m.4 views

AZL-64230 CVE-2025-49178 affecting package xorg-x11-server for versions less than 1.20.10-16

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

5.5CVSS7.1AI score0.00199EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.8 views

The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent arises from the lack of protective measures for the request structure, allowing a perpetrator to execute arbitrary code.

The vulnerability of the “Termide Virtual Desktops Connection Monitor” software agent is related to the lack of protective measures for the request structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS5.9AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.8 views

The vulnerability of the GLPI system’s request and incident handling functionality lies in the lack of HTML tag neutralization during website generation. This allows attackers to carry out cross-site scripting attacks.

The vulnerability of the GLPI system’s request and incident handling functionality relates to the absence of HTML tag neutralization during the generation of web pages. Exploiting this vulnerability allows a malicious actor to carry out cross-site scripting attacks...

5.5CVSS5.6AI score0.00589EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2022/12/30 11:4 a.m.3 views

OESA-2022-2164 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse,forward and transparent proxy and cache. Security Fixes: Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain...

7.5CVSS6.2AI score0.013EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/09/21 12:0 a.m.8 views

The vulnerability of the WSGI server for Python Waitress, related to HTTP request processing flaws, allows attackers to compromise data integrity.

The vulnerability of the WSGI server for Python Waitress is related to the improper handling of the recurring Content-Length header. Exploiting this vulnerability allows an attacker to compromise data integrity remotely...

7.8CVSS6.4AI score0.02122EPSS
Exploits0References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/07/15 12:0 a.m.12 views

The vulnerability of the DNS server Dnsmasq, related to errors in the implementation of security checks for standard elements, allows attackers to compromise the integrity of the protected information.

The vulnerability of the Dnsmasq DNS server lies in the lack of checking for requests with the same name. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

4.3CVSS6.9AI score0.04873EPSS
Exploits2References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/01/15 12:0 a.m.5 views

The vulnerability of Microsoft Edge browser, related to errors in request handling mechanisms, allows attackers to disclose protected information.

The vulnerability of Microsoft Edge relates to errors in the request processing mechanism. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through a specially crafted web page...

4.3CVSS6.5AI score0.05498EPSS
Exploits0References3
Rows per page
Query Builder