DEBIAN-CVE-2025-46727

Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with...

CVE-2025-46727

Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with...

CVE-2025-46727 Unbounded-Parameter DoS in Rack::QueryParser

Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with...

CVE-2025-46727 Unbounded-Parameter DoS in Rack::QueryParser

Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with...

Exploit for CVE-2025-46271

CVE-2025-46271-Reverse-Shell-PoC Disclaimer This repository i...

Ensure That Passwords Do Not Contain User Names

To ensure user security, you must configure passwords that do not contain user names. If a password is the same as the user name or the user name in reverse order, or contains the user name, attackers can guess the password easily. This requirement is not exerted on passwords of users whose names...

Enable Reverse Path Filtering

Setting net.ipv4.conf.all.rpfilter and net.ipv4.conf.default.rpfilter to 1 forces the Linux kernel to perform reverse path filtering on a received packet and check the validity of its source address. If the Linux kernel queries the routing table in which the source address is included and finds...

CVE-2025-46728

A flaw was found in cpp-httplib. This vulnerability allows for denial of service via oversized HTTP requests when using chunked transfer encoding or missing Content-Length headers, leading to uncontrolled memory allocation and potential server crash. Mitigation Short-term workaround through a...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of incoming HTTP requests with Transfer-Encoding: chunked or without a Content-Length header. An attacker can cause uncontrolled memory allocation on the server b...

DEBIAN-CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728

Summary (CVE-2025-46728) : The cpp-httplib library (a header-only C++ HTTP/S library) is vulnerable in versions before 0.20.1 due to failure to enforce size limits on incoming request bodies when using Transfer-Encoding: chunked or when no Content-Length is provided. A remote attacker can send ch...

CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

PT-2025-19817

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.20.1 Description cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. The library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or...

Exploit for Unrestricted Upload of File with Dangerous Type in Glpi-Project Glpi

CVE-2025-24801 PoC for GLPI RCE This repository contains a pr...

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 !imagehttps://github.com/user-attachments/ass...

Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database

Automatically generates beautiful and easy-to-read ER diagrams from your database. Website • Documentation • Roadmap What's Liam ERD? Liam ERD generates beautiful, interactive ER diagrams from your database. Whether you're working on public or private repositories, Liam ERD helps you visualize...