CVE-2021-22197

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access a MR having source and target branch pointing to each other...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t, to ensure it is not part of any list. Otherwise, a malicious R2T PDU might inject a loop into the request list processing...

EUVD-2020-23245

Malware in sbrugna...

EUVD-2011-4240

Malware in sbrugna...

Cross site request forgery (csrf)

tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%&config=%CONFIG% API endpoint that accepts an arbitrary %URL% value and launches a GET request for it, but does not consider that the external request target may indirectly redirect back to this original /sub endpoint. Thus, a reque...

CVE-2020-15114

In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requestin...

[DDI-1012] Malformed request causes denial of service in HP Instant TopTools

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Digital Defense Inc. Security Advisory DDI-1012 [email protected] http://www.digitaldefense.net/ -...