Lucene search
K

14 matches found

Ubuntu
Ubuntu
added 2026/03/19 5:20 a.m.12 views

USN-8018-3: Python 2.7 vulnerabilities

USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7. Original advisory details: Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this iss...

6.3CVSS7.2AI score0.00708EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/06 2:54 a.m.6 views

CVE-2026-29046

TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI environment variables HTTP. The parser did not strictly reject dangerous control characters in header lines and header values, including CR, L...

9.2CVSS6AI score0.00387EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.5 views

CVE-2019-12822

In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...

7.5CVSS6.9AI score0.08848EPSS
Exploits0References1
OSV
OSV
added 2025/10/09 2:15 a.m.5 views

USN-7814-1 libhtp vulnerabilities

It was discovered that LibHTP did not correctly handle certain HTTP headers. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2024-23837 It was discovered that LibH...

7.5CVSS5.8AI score0.01193EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-34047 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V02.03.01.110 Description: A denial of service issue exists in the HTTP Header Parsing functionality. A series of specially crafted HTTP requests can cause a reboot. An attacker can trigger this issue by sending multiple...

8.6CVSS6.3AI score0.00367EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/18 12:0 a.m.38 views

PHP 8.3.x < 8.3.19 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.32, 8.2.x prior to 8.2.28, 8.3.x prior to 8.3.19, or 8.4.x prior to 8.4.5. It is, therefore, affected by multiple vulnerabilities: - libxml streams use wrong content-type header wh...

9.8CVSS6.4AI score0.00821EPSS
Exploits2References6
OSV
OSV
added 2025/02/25 10:3 a.m.7 views

CLSA-2025-1740477793 python3.11: Fix of CVE-2024-6232

CVE-2024-6232: fix excessive backtracking in tarfile.TarFile header parsing to address ReDoS vulnerability...

7.5CVSS6.8AI score0.02203EPSS
Exploits2References1
OSV
OSV
added 2025/01/09 1:15 a.m.11 views

CVE-2023-27539

There is a denial of service vulnerability in the header parsing component of Rack...

5.3CVSS6.5AI score0.01063EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/04/30 10:32 a.m.10 views

rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing

A denial of service DoS vulnerability was found in rubygem-rack in how it parses Rack Header. Carefully crafted headers can cause header parsing in Rack to take longer than expected, resulting in a possible denial of service issue. Accept and Forwarded headers are impacted...

7.5CVSS6.6AI score0.01996EPSS
Exploits0References5
OSV
OSV
added 2024/03/12 10:22 a.m.5 views

USN-6689-1 ruby-rack vulnerabilities

It was discovered that Rack incorrectly parse some headers. An attacker could possibly use this issue to cause a denial of service. CVE-2023-27539, CVE-2024-26141, CVE-2024-26146...

7.5CVSS6.6AI score0.01996EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/10/18 12:0 a.m.2 views

Node.js 环境问题漏洞

Node.js is an open source, cross-platform JavaScript runtime environment. A security vulnerability exists in Node.js that stems from HTTP requests smuggling due to incorrect parsing of header fields...

6.5CVSS7.6AI score0.02587EPSS
Exploits1References11
OSV
OSV
added 2021/11/03 4:15 p.m.2 views

DEBIAN-CVE-2021-37149

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0...

7.5CVSS7.3AI score0.02507EPSS
Exploits0References1
Prion
Prion
added 2019/06/14 2:29 p.m.18 views

Authentication flaw

In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...

5CVSS7.9AI score0.08848EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/12/19 12:0 a.m.5 views

Webroot BrightCloud SDK Buffer Overflow Vulnerability

Webroot BrightCloud SDK is a set of SDKs Software Development Kits from Webroot, Inc. for detecting website security. A buffer overflow vulnerability exists in the HTTP header parsing function in the Webroot BrightCloud SDK, which stems from the 'bchttpreadheader' function failing to correctly...

9.3CVSS8.2AI score0.02546EPSS
Exploits1References1
Rows per page
Query Builder