
2742 matches found

CNNVD
added 2025/04/01 12:0 a.m., 3 views

Google Chrome Input Validation Error Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an input validation error vulnerability, which stems from an improper implementation in Intents, that can be exploited by an attacker to submit a special Web request that can be elevated in privilege by...

CVSS 8.8, AI score 6.7, EPSS 0.00313
Exploits 0, References 4

OSV
added 2025/03/30 9:15 p.m., 2 views

CVE-2025-2960

A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is...

CVSS 7.1, AI score 4.8, EPSS 0.0063
Exploits 1, References 5

CNNVD
added 2025/03/30 12:0 a.m., 2 views

TRENDnet TEW-637AP and TRENDnet TEW-638APB Security Vulnerability

The TRENDnet TEW-637AP and TRENDnet TEW-638APB are both a wireless access point from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-637AP and TRENDnet TEW-638APB versions 1.2.7 and 1.3.0.106, which stems from a null pointer dereference issue in the HTTP request processing componen...

CVSS 7.1, AI score 6.6, EPSS 0.0063
Exploits 1, References 6

CNNVD
added 2025/03/30 12:0 a.m., 1 views

TRENDnet TEW-411BRP+ Security Vulnerability

The TRENDnet TEW-411BRP+ is a smart switch from Trendnet, Inc. A security vulnerability exists in the TRENDnet TEW-411BRP+ version 2.07 that stems from a null pointer dereference issue in the HTTP request processing component...

CVSS 7.1, AI score 6.6, EPSS 0.00327
Exploits 0, References 6

CNNVD
added 2025/03/30 12:0 a.m., 2 views

TRENDnet TEW-410APB Security Vulnerability

The TRENDnet TEW-410APB is a wireless access point from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-410APB version 1.3.06b, which stems from a null pointer dereference issue in the HTTP request processing component...

CVSS 7.1, AI score 6.6, EPSS 0.0063
Exploits 1, References 6

Snyk
added 2025/03/20 12:32 p.m., 3 views

Regular Expression Denial of Service (ReDoS)

Overview: gradio is a Python library for easily interacting with trained machine learning models. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) through the gr.Datetime component. An attacker can cause the server to consume excessive CPU resources and...

CVSS 8.7, AI score 6.8, EPSS 0.00866
Exploits 1, References 2

CNNVD
added 2025/03/19 12:0 a.m., 3 views

Nuxt Security Vulnerability

Nuxt is a free open source framework from Nuxt Open Source. A security vulnerability exists in Nuxt versions prior to 3.16.0 that originates from a specially crafted HTTP request sent to a server behind a CDN, which may poison the CDN cache in some cases, severely impacting site availability...

CVSS 7.5, AI score 6.3, EPSS 0.00348
Exploits 0, References 1

BDU FSTEC
added 2025/03/17 12:0 a.m., 1 views

A vulnerability in the Fluent Bit log collection and processing tool, related to a null pointer dereference, allows a malicious actor to trigger a service failure.

The vulnerability in the Fluent Bit log collection and processing tool is related to a null pointer dereference. Exploiting this vulnerability can allow a malicious actor to cause a service failure through a specially crafted HTTP request...

CVSS 7.8, AI score 7.2, EPSS 0.00944
Exploits 2, References 6, Affected Software 1

Snyk
added 2025/03/12 1:44 p.m., 1 views

HTTP Request Smuggling

Overview: io.ktor:ktor-client-cio-jvm is a framework for quickly creating web applications in Kotlin with minimal effort. Affected versions of this package are vulnerable to HTTP Request Smuggling due to a race condition between multiple coroutines using the same thread. Remediation: Upgrade...

CVSS 6.9, AI score 6.9, EPSS 0.00305
Exploits 0, References 2

OSV
added 2025/03/12 1:15 p.m., 2 views

CVE-2025-29904

In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible...

CVSS 5.3, AI score 7
Exploits 0, References 1

CNVD
added 2025/03/10 12:0 a.m., 9 views

Google Chrome Browser UI Incorrectly Implemented Vulnerability

Google Chrome is a WEB browser developed by Google Inc. An incorrect implementation vulnerability exists in the Google Chrome Browser UI. An attacker can exploit this vulnerability to submit a special web request to perform UI spoofing...

CVSS 4.3, AI score 6.7, EPSS 0.0033
Exploits 0, References 1

CNNVD
added 2025/03/10 12:0 a.m., 2 views

AutoGPT Code Issue Vulnerability

AutoGPT is a tool from AutoGPT Open Source, used to enable everyone to use and build accessible AI. A code issue vulnerability exists in versions prior to AutoGPT autogpt-platform-beta-v0.4.2, which stems from a Send Web Request component that could lead to server-side request forgery...

CVSS 8.7, AI score 6.8, EPSS 0.00534
Exploits 1, References 6

CNNVD
added 2025/03/05 12:0 a.m., 3 views

Google Chrome Security Vulnerability

Google Chrome is a WEB browser developed by Google Inc. An incorrect implementation vulnerability exists in the Google Chrome Browser UI. An attacker can exploit this vulnerability to submit a special web request to perform UI spoofing...

CVSS 4.3, AI score 6.7, EPSS 0.0033
Exploits 0, References 4

CNNVD
added 2025/03/03 12:0 a.m., 3 views

D-Link DAP-1562 Security Vulnerability

The D-Link DAP-1562 is a wireless bridge from China's AUO D-Link. The D-Link DAP-1562 suffers from a null pointer dereference vulnerability, which originates from a null pointer dereference to parameter a1 in the HTTP POST Request Handler's function pureauthcheck, for which no detailed...

CVSS 7.5, AI score 6.9, EPSS 0.00961
Exploits 1, References 7

BDU FSTEC
added 2025/03/03 12:0 a.m., 3 views

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software allows a hacker to trigger a service failure.

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software is related to shortcomings in HTTP request processing. Exploiting this vulnerability could allow an attacker to cause service failures...

CVSS 4.7, AI score 5.4, EPSS 0.00399
Exploits 0, References 10, Affected Software 1

OSV
added 2025/02/28 7:15 p.m., 3 views

CVE-2025-0159

IBM FlashSystem IBM Storage Virtualize 8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1 could allow a remote attacker to bypas...

CVSS 9.1, AI score 5.8, EPSS 0.00796
Exploits 0, References 1

BDU FSTEC
added 2025/02/26 12:0 a.m., 2 views

A vulnerability in the Prometheus Remote Write plugin of the Fluent Bit log collection and processing tool, related to a null pointer dereference, allows a malicious actor to trigger a service failure.

The vulnerability in the Prometheus Remote Write plugin of the Fluent Bit log collection and processing tool is related to a null pointer dereference. Exploiting this vulnerability could allow an attacker to cause a service failure by sending a specially crafted HTTP request...

CVSS 7.8, AI score 7.5, EPSS 0.01037
Exploits 2, References 3, Affected Software 1

Vulnrichment
added 2025/02/24 12:0 a.m., 5 views

CVE-2025-27364

In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web...

CVSS 10, AI score 8.7, EPSS 0.23813
Exploits 2, References 6

CNVD
added 2025/02/24 12:0 a.m., 2 views

Google Chrome Resource Management Error Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability that stems from a use-after-free issue in the Network module, which can be exploited by an attacker to submit a special Web request that can be trick...

CVSS 8.8, AI score 7, EPSS 0.00521
Exploits 0, References 1

BDU FSTEC
added 2025/02/24 12:0 a.m., 6 views

A vulnerability in the SolrSearchMacros component of the XWiki Platform, a platform for creating collaborative web applications, allows a hacker to execute arbitrary code.

The vulnerability of the SolrSearchMacros component in the XWiki Platform for creating collaborative web applications stems from the lack of measures taken to neutralize instructions in dynamically executed code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...

CVSS 10, AI score 8.3, EPSS 0.99898
Exploits 49, References 3, Affected Software 1