The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 …

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the c…

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause…

HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors rela…

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote at…

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (AS…

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When pars…

A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a c…

lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-…

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificat…

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and …

A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in …

An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to c…

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used wi…

avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a d…

If named is configured to use Response Policy Zones (RPZ) an error processing some rule types c…

Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.3…

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC reso…

The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.…

An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x be…

The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0…

mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU …

qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS use…

The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and…

An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to …

ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-servi…

aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of se…

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" heade…

The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP S…

The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can ge…

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting version…

The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows rem…

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_conne…

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before …

The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote atta…

When reading a specially crafted 7Z archive, the construction of the list of codecs that decomp…

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of pyth…

A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6…

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final …

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2…