Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh

...

vLLM 安全漏洞

vLLM is a high throughput and memory efficient inference and service engine for LLM from the vLLM open source. A security vulnerability exists in vLLM that stems from a maliciously constructed statement that could lead to a hash collision, which could lead to cache reuse, which could interfere wi...

CVE-2020-11077

A flaw was found in rubygem-puma. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first...

Mail.ru: money.mail.ru: Странное поведение SMS

Есть API для отправки SMS: POST /usr/sendsmscode HTTP/1.1 Host: money.mail.ru User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.9; rv:28.0 Gecko/20100101 Firefox/28.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3...