42 matches found

Redos
added 2025/10/06 12:0 a.m. · 5 views

ROS-20251006-11

A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests...

7.5 CVSS · 6.8 AI score · 0.00727 EPSS
Exploits 1

Redos
added 2025/06/19 12:0 a.m. · 6 views

ROS-20250619-08

The h11 library vulnerability is related to flaws in HTTP request processing. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information...

9.1 CVSS · 6.7 AI score · 0.00522 EPSS
Exploits 0

Citrix
added 2025/04/16 12:0 a.m. · 7 views

Netscaler-14.1- How NetScaler handles expect:100 continue header

When NetScaler gets an HTTP request that includes the Expect: 100-Continue header, it sends a 100 Continue response back to the client. This step is important because NetScaler’s Application Firewall needs to review the full request—including the body—before passing it on to the backend server...

7.1 AI score
Exploits 0

NVD
added 2025/04/03 8:15 p.m. · 15 views

CVE-2025-29462

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack...

9.8 CVSS · 0.00453 EPSS
Exploits 1 · References 1

Cvelist
added 2025/04/03 12:0 a.m. · 14 views

CVE-2025-29462

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack...

0.00453 EPSS
Exploits 1 · References 1

Positive Technologies
added 2025/04/03 12:0 a.m. · 2 views

PT-2025-14788 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda Ac15 version 15.13.07.13
Description: A buffer overflow issue has been discovered. It occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer ...

9.8 CVSS · 9.6 AI score · 0.00453 EPSS
Exploits 1 · References 5

CNNVD
added 2025/03/30 12:0 a.m. · 2 views

TRENDnet TI-G102i Security Vulnerability

The TRENDnet TI-G102i is a smart switch from Trendnet, Inc. A security vulnerability exists in TRENDnet TI-G102i versions 1.0.7.S0 and 1.0.8.S0, which stems from a null pointer dereference issue in the HTTP request processing component...

7.1 CVSS · 6.6 AI score · 0.00327 EPSS
Exploits 0 · References 2

NVD
added 2024/05/03 3:15 a.m. · 33 views

CVE-2023-41230

D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...

8.8 CVSS · 8 AI score · 0.00759 EPSS
Exploits 0 · References 2

CVE
added 2024/05/03 2:12 a.m. · 70 views

CVE-2023-41230

The CVE-2023-41230 issue affects D-Link DIR-3040 routers. The vulnerable component is prog.cgi serving HNAP requests on lighttpd (ports 80/443). Root-context code execution arises from a stack-based buffer overflow caused by copying an unchecked user-supplied string into a fixed-size local buffer...

8.8 CVSS · 8 AI score · 0.00759 EPSS
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2024/05/03 2:12 a.m. · 42 views

CVE-2023-41230 D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...

7.5 CVSS · 8.2 AI score · 0.00759 EPSS
Exploits 0 · References 2

CVE
added 2024/05/03 2:12 a.m. · 60 views

CVE-2023-41229

The CVE-2023-41229 issue affects the D-Link DIR-3040 router. A heap-based buffer overflow in the prog.cgi handler for HNAP requests processed by the lighttpd webserver (ports 80/443) arises from inadequate validation of a user-supplied string, enabling an attacker with network proximity to execut...

8.8 CVSS · 9.1 AI score · 0.00846 EPSS
Exploits 0 · References 2 · Affected Software 1

Rockylinux
added 2024/03/27 4:34 a.m. · 65 views

nodejs:16 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5 CVSS · 7.2 AI score · 0.99999 EPSS
Exploits 19

BDU FSTEC
added 2024/02/06 12:0 a.m. · 2 views

The vulnerability of the aiohttp HTTP client, related to deficiencies in HTTP request processing, allows attackers to execute the “HTTP request hijacking” attack.

The vulnerability of the aiohttp HTTP client is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to perform an “HTTP request hijacking” attack...

6.5 CVSS · 6.5 AI score · 0.0102 EPSS
Exploits 1 · References 6 · Affected Software 3

Positive Technologies
added 2023/07/12 12:0 a.m. · 3 views

PT-2023-5832 · D Link · D-Link Dir-3040

Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified
Description: The vulnerability is related to a heap-based buffer overflow in the HTTP request processing referer of D-Link DIR-3040 routers. This issue allows network-adjacent attackers to execu...

8.8 CVSS · 9 AI score · 0.00846 EPSS
Exploits 0 · References 8

BDU FSTEC
added 2023/02/17 12:0 a.m. · 3 views

The vulnerability of the server software HAProxy, related to deficiencies in HTTP request processing, allows attackers to carry out the “HTTP request hijacking” attack.

The vulnerability of the server-side software HAProxy is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to carry out an “HTTP request hijacking” attack...

7.8 CVSS · 7.4 AI score · 0.05493 EPSS
Exploits 0 · References 18 · Affected Software 12

Positive Technologies
added 2023/01/11 12:0 a.m. · 3 views

PT-2023-1414 · Zyxel · Zyxel Gs1915 +4

Name of the Vulnerable Software and Affected Versions:
Zyxel GS1920-24v2 firmware versions prior to V4.70ABMH.8C0
Zyxel GS1350, GS1915, GS1920, GS2220 affected versions not specified
Description: The issue is related to an improper check for unusual or exceptional conditions in the HTTP request...

8.2 CVSS · 7.9 AI score · 0.00562 EPSS
Exploits 0 · References 5

BDU FSTEC
added 2022/10/18 12:0 a.m. · 3 views

The vulnerability of the Pallets Werkzeug web application library, related to deficiencies in HTTP request processing, allows attackers to execute XSS attacks.

The vulnerability of the Pallets Werkzeug web application lies in its lack of proper HTTP request processing. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using specially crafted HTTP requests...

10 CVSS · 7.7 AI score · 0.07663 EPSS
Exploits 0 · References 7 · Affected Software 2

BDU FSTEC
added 2022/09/16 12:0 a.m. · 3 views

The vulnerability of the DNS BIND server, related to deficiencies in HTTP request processing, allows attackers to compromise the integrity of data.

The vulnerability of the DNS BIND server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...

8.6 CVSS · 6.5 AI score · 0.0325 EPSS
Exploits 0 · References 31 · Affected Software 15

BDU FSTEC
added 2022/04/19 12:0 a.m. · 2 views

The vulnerability of the nginx HTTP server, related to deficiencies in HTTP request processing, allows attackers to gain unauthorized access to information.

The vulnerability of the nginx HTTP server is related to deficiencies in HTTP request processing. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to sensitive information...

5.3 CVSS · 6.7 AI score · 0.14961 EPSS
Exploits 3 · References 13 · Affected Software 7

BDU FSTEC
added 2022/01/17 12:0 a.m. · 1 views

The vulnerability of the free Apache2 web server, related to HTTP request processing flaws, allows attackers to compromise data integrity.

The vulnerability of the free Apache2 web server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to compromise data integrity...

5.3 CVSS · 6.6 AI score · 0.60266 EPSS
Exploits 0 · References 12 · Affected Software 7