308 matches found
CLSA-2025-1762783856 Fix CVE(s): CVE-2024-38428
SECURITY UPDATE: mishandling of semicolons in userinfo - debian/patches/CVE-2024-38428.patch: properly re-implement userinfo parsing in src/url.c. - CVE-2024-38428...
EUVD-2007-0622
Malware in sbrugna...
EUVD-2004-2588
Malware in sbrugna...
EUVD-2020-29376
Malware in sbrugna...
EUVD-2008-4471
Malware in sbrugna...
EUVD-2021-24635
Malware in sbrugna...
EUVD-2023-1380
Malicious code in bioql PyPI...
EUVD-2025-13352
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2015-1126
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FT...
SUSE SLES15: libruby2_5-2_5 / ruby2.5 / ruby2.5-devel / ruby2.5-devel-extra / etc (SUSE-SU-2025:02739-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02739-2 advisory. - CVE-2025-6442: Fixed readheader HTTP Request Smuggling Vulnerability in WEBrick bsc1245254 - CVE-2025-27221: Fixed userinfo...
CLSA-2025-1756409922 wget: Fix of CVE-2024-38428
CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to prevent insecure behavior...
wget: Fix of CVE-2024-38428
CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to prevent insecure behavior...
BIT-LIBPHP-2020-7071 FILTER_VALIDATE_URL accepts URLs with invalid userinfo
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong dat...
RockyLinux 9 : ruby:3.3 (RLSA-2025:4493)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4493 advisory. net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion CVE-2025-25186 CGI: Denial of Service in CGI::Cookie.parse CVE-2025-27219 uri: userin...
ruby:3.3 security update
An update is available for module.ruby, rubygem-pg, ruby, module.rubygem-pg, module.rubygem-mysql2, rubygem-mysql2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE li...
RLSA-2025:4493 Moderate: ruby:3.3 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion CVE-2025-25186 CGI: Denial of Service in CGI::Cookie.parse...
RLSA-2025:4488 Moderate: ruby:3.1 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...
ruby:3.3 security update
An update is available for module.ruby, module.rubygem-abrt, module.rubygem-pg, rubygem-pg, module.rubygem-mysql2, rubygem-mysql2, rubygem-abrt, ruby. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RLSA-2025:10217 Moderate: ruby:3.3 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion CVE-2025-25186 CGI: Denial of Service in CGI::Cookie.parse...
RLSA-2025:4063 Moderate: ruby:3.1 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...