Lucene search
+L

2449 matches found

osv
osv
added 6 days ago2 views

OPENSUSE-SU-2026:21302-1 Security update for nghttp2

This update for nghttp2 fixes the following issue - CVE-2026-58055: HTTP request/response smuggling via upgrade request with Content-Length bsc1269489...

6.3CVSS6.2AI score0.00202EPSS
Exploits0References2
euvd
euvd
added last week12 views

EUVD-2026-33941

mint: Content-Length header accepts non-RFC "+" sign prefix...

6.3CVSS5.9AI score0.00301EPSS
Exploits0References5
euvd
euvd
added 2026/07/09 6:31 p.m.6 views

EUVD-2026-42642

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

6AI score0.00433EPSS
Exploits0References2
euvd
euvd
added 2026/07/09 6:31 p.m.7 views

EUVD-2026-42643

Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests including DESCRIBE, SETUP, and PLAY methods. When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting...

7.5CVSS6AI score0.00404EPSS
Exploits0References2
nvd
nvd
added 2026/07/09 5:16 p.m.9 views

CVE-2026-51600

Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests including DESCRIBE, SETUP, and PLAY methods. When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting...

7.5CVSS0.00404EPSS
Exploits0References1
nvd
nvd
added 2026/07/09 5:16 p.m.12 views

CVE-2026-51599

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

9.8CVSS0.00433EPSS
Exploits0References1
redhat
redhat
added 2026/07/09 3:29 p.m.4 views

netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both Transfer-Encoding: chunked and Content-Length headers. While Netty correctly strips the conflicting Content-Length header for HTTP/1.1 messages, thi...

9.8CVSS6.8AI score0.00607EPSS
Exploits1References5
osv
osv
added 2026/07/09 12:56 p.m.3 views

OESA-2026-2980 nghttp2 security update

The framing layer of HTTP/2 is implemented as a form of reusable C library. On top of that, we have implemented HTTP/2 client, server and proxy. We have also developed load test and benchmarking tool for HTTP/2. Security Fixes: nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade...

6.3CVSS6.1AI score0.00202EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:56 p.m.3 views

OESA-2026-2979 nghttp2 security update

The framing layer of HTTP/2 is implemented as a form of reusable C library. On top of that, we have implemented HTTP/2 client, server and proxy. We have also developed load test and benchmarking tool for HTTP/2. Security Fixes: nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade...

6.3CVSS6.1AI score0.00202EPSS
Exploits0References2
osv
osv
added 2026/07/09 12:56 p.m.3 views

OESA-2026-2977 nghttp2 security update

The framing layer of HTTP/2 is implemented as a form of reusable C library. On top of that, we have implemented HTTP/2 client, server and proxy. We have also developed load test and benchmarking tool for HTTP/2. Security Fixes: nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade...

6.3CVSS6.1AI score0.00202EPSS
Exploits0References2
cve
cve
added 2026/07/09 12:0 a.m.7 views

CVE-2026-51600

Summary: CVE-2026-51600 affects Tenda CP3 V3.0 firmware (V31.1.9.91). The RTSP service does not validate Content-Length when no body is present, causing the RTSP parser to enter a persistent body-awaiting state and the TCP connection to remain open, leading to a TCP resource leak. This is describ...

7.5CVSS6AI score0.00404EPSS
Exploits0References1
cve
cve
added 2026/07/09 12:0 a.m.12 views

CVE-2026-51599

CVE-2026-51599 affects MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n. The issue is an insufficient input validation in the RTSP service where an RTSP request with a Content-Length header but no body causes the RTSP parser to enter a body-waiting state, leading to the connection being silently c...

9.8CVSS6AI score0.00433EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/09 12:0 a.m.7 views

CVE-2026-51600

Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests including DESCRIBE, SETUP, and PLAY methods. When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting...

7.5CVSS6AI score0.00404EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/09 12:0 a.m.33 views

CVE-2026-51600

Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests including DESCRIBE, SETUP, and PLAY methods. When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting...

0.00404EPSS
Exploits0References1
osv
osv
added 2026/07/07 2:34 p.m.4 views

PYSEC-2026-1860 Werkzeug possible resource exhaustion when parsing file data in forms

Applications using Werkzeug to parse multipart/form-data requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the Request.maxformmemorysize setting. The Request.maxcontentlength setting, as well as resource limits provided by deployment software and platforms,...

7.5CVSS6.7AI score0.01102EPSS
Exploits0References11
osv
osv
added 2026/07/06 5:47 a.m.4 views

BIT-ACTIVEMQ-2026-49432 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

7.5CVSS6.1AI score0.00844EPSS
Exploits0References3
susecve
susecve
added 2026/07/04 2:19 a.m.14 views

SUSE CVE-2026-38969

ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling. NOTE: the Supplier reports that "The project README states that it is suitable for testing and development, and that its developers do not encourage its use to serve...

7.5CVSS6.1AI score0.00352EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/07/03 11:3 a.m.11 views

CVE-2026-38969

A flaw was found in WEBrick, a Ruby web server toolkit. This vulnerability allows a remote attacker to perform request smuggling by manipulating the Content-Length header in HTTP/1.1 requests. WEBrick incorrectly re-parses the trailer Content-Length, leading to a desynchronization between the pro...

6.5CVSS5.9AI score0.00352EPSS
Exploits0References6
snyk
snyk
added 2026/07/02 10:17 p.m.8 views

HTTP Request Smuggling

Overview webrick is a HTTP server toolkit that can be configured as an HTTPS server, a proxy server, and a virtual-host server. Affected versions of this package are vulnerable to HTTP Request Smuggling in the request process. An attacker can bypass request boundaries and interfere with HTTP...

6.9CVSS6AI score0.00352EPSS
Exploits0References2
osv
osv
added 2026/07/02 9:16 p.m.3 views

DEBIAN-CVE-2026-38969

Bulletin has no description...

6.1AI score0.00352EPSS
Exploits0References1
Rows per page
Query Builder