10978 matches found
CVE-2025-63649
An out-of-bounds read in the httpparsertransferencodingchunked function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the server...
EUVD-2025-206530
An out-of-bounds read in the httpparsertransferencodingchunked function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the server...
Monkey Server security vulnerabilities
Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from out-of-bounds read accesses in the http parser-transferencodingchunked function. This vulnerability could lead to denial-of-service attacks...
CVE-2025-63649
CVE-2025-63649 affects monkey (mk_server/mk_http_parser.c) due to an out-of-bounds read in http_parser_transfer_encoding_chunked following commit f37e984. This can allow a remote attacker to trigger a Denial of Service by sending a crafted POST request to the server. Connected documents corrobora...
ROS-20260129-73-0020
Vulnerability in python-ldap due to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
CVE-2020-36973 PDW File Browser 1.3 - Remote Code Execution
PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated users to upload and rename webshell files to arbitrary web server locations. Attackers can upload a .txt webshell, rename it to .php, and move it to accessible directories using double-encoded path...
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...
SUSE CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
Lab-Reflected-XSS-into-attribute-with-angle-brackets-HTML-encoded
Reflected XSS - Attribute Injection A simple demonstration of...
CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
UBUNTU-CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CVE-2026-1484 Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode()
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CVE-2026-1484 Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode()
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
EUVD-2026-4825
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CLSA-2026-1769507907 Fix CVE(s): CVE-2024-50349
SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode : in credentialformat, sanitize the user prompt - CVE-2024-50349...
CLSA-2026-1769507695 Fix CVE(s): CVE-2024-50349
SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode : in credentialformat, sanitize the user prompt - CVE-2024-50349...
GHSA-J49H-6577-5XWQ gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values
Unbounded TLV length in ReadFile can cause Denial of Service Summary A Denial of Service vulnerability was identified in ReadFile where unbounded TLV length values could lead to excessive CPU and memory usage when processing data from a malicious or non-compliant NFC source. This issue has been...