CVE-2026-5766

A flaw was found in Django. This vulnerability allows a remote attacker to bypass the FILEUPLOADMAXMEMORYSIZE limit by sending specially crafted ASGI Asynchronous Server Gateway Interface requests with a missing or understated Content-Length header. This can lead to large files being loaded into...

CVE-2026-33034

A flaw was found in Django. A remote attacker can exploit this vulnerability by sending ASGI Asynchronous Server Gateway Interface requests with a missing or understated Content-Length header. This allows the attacker to bypass the DATAUPLOADMAXMEMORYSIZE limit, leading to an unbounded request bo...

CVE-2025-14550 Potential denial-of-service vulnerability via repeated headers when using ASGI

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. ASGIRequest allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not...

CVE-2026-1411

CVE-2026-1411 affects Beetel 777VR1 (up to 01.00.09/01.00.09_55). The issue is described as an unknown function in the UART Interface that allows improper access controls. Attacks are stated to be feasible on the physical device, with a high attack complexity and high privileges required. Exploit...

The vulnerability of PwnDoc’s asynchronous interface functions in audit tools for automation of report generation allows a perpetrator to trigger a service failure.

The vulnerability of the asynchronous interface function of the PwnDoc automation tool for generating report documents is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

WordPress Plugin Unauthenticated Account Creation 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Theme Fruitful 跨站脚本漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in WordPress Theme Fruitful version 3.8.1 and prior...

WordPress Plugin uListing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Plugin JobSearch WP Job Board 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...