12642 matches found
SUSE CVE-2025-6442
Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...
CVE-2021-41691
A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...
CVE-2025-6434
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...
Important: rclone
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
CVE-2021-41691
A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...
OS4Ed OpenSIS 安全漏洞
OS4Ed OpenSIS is a student information system software from OS4Ed, Inc. A security vulnerability exists in OS4Ed OpenSIS version v8.0, which stems from improper handling of the STUDENTID and TRANSFERSCHOOL parameters in a POST request, which could lead to an SQL injection attack...
PT-2025-28873
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was discovered in the Linux kernel related to the handling of the atm dev mutex within the ATM Asynchronous Transfer Mode subsystem. Specifically, the mutex was not being releas...
CVE-2025-27387
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...
CVE-2025-27387 OPPO Clone Phone uses weak WPA passphrase as only means of security
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...
CVE-2025-27387 OPPO Clone Phone uses weak WPA passphrase as only means of security
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...
CVE-2025-27387
OPPO Clone Phone (CVE-2025-27387) is affected by an information disclosure due to a weak WPA/Wi‑Fi hotspot used to transfer files. The CVE details specify adjacent attack vector with low complexity and no privileges required, yielding confidentiality impact (high) while other impacts are not indi...
Important: runc
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Important: amazon-ecr-credential-helper
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Amazon Linux 2 : runc (ALASDOCKER-2025-068)
The version of runc installed on the remote host is prior to 1.2.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-068 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF...
OPPO Clone Phone 信息泄露漏洞
OPPO Clone Phone is a cell phone cloning application from the Chinese company OPPO. OPPO Clone Phone suffers from an information leakage vulnerability that originates from the use of a weak password WiFi hotspot to transfer files resulting in information leakage...
Important: runc
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Important: runc
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2025-1040)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1040 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...
The vulnerability of the nvmet_data_transfer_len() function in the drivers/nvme/target/core.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the nvmetdatatransferlen function in the drivers/nvme/target/core.c module of the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the SAP Field Logistics module of the SAP S/4HANA software platform allows a perpetrator to compromise data integrity.
The vulnerability of the SAP Field Logistics module of the SAP S/4HANA software platform is related to errors in handling HTTP requests. Exploiting this vulnerability allows a malicious actor to compromise data integrity from a remote location...