Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/04 1:55 p.m.6 views

dovecot: denial of service via specially crafted NOOP command

A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/08/05 1:36 a.m.6 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00724EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/06/16 1:41 a.m.4 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00724EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2022/09/21 12:0 a.m.7 views

The vulnerability of the WSGI server for Python Waitress, related to HTTP request processing flaws, allows attackers to compromise data integrity.

The vulnerability of the WSGI server for Python Waitress is related to the uncertainty in recognizing a single LF character as a line feed. Exploiting this vulnerability allows an attacker to compromise data integrity...

7.8CVSS6.5AI score0.02714EPSS
Exploits1References10Affected Software4
Rows per page
Query Builder