10 matches found
CVE-2026-34118
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...
CVE-2026-34118 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...
TP-Link Tapo C520WS 安全漏洞
The TP-Link Tapo C520WS is a WiFi camera produced by TP-Link Corporation. The TP-Link Tapo C520WS v2.6 version contains a security vulnerability. This vulnerability stems from a lack of verification for the remaining buffer capacity after dynamic allocation in the HTTP POST body parsing logic. Th...
PT-2025-71: Control structure rewriting or heap-based buffer overflow during HTTP POST-content parsing in LCD KVM over IP switch CL5708IM
The vulnerability was identified in LCD KVM over IP switch CL5708IM firmware version v2.2.215. The discovered vulnerability allows an attacker to alter the device configuration or cause a denial‑of‑service. During HTTP POST content parsing, either control‑structure overwrite or a heap‑based buffe...
SUSE CVE-2020-6061
An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability...
PT-2023-12730 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.14 on the stable branch Discourse versions prior to 2.9.0.beta16 on the beta and tests-passed branches Description: The issue affects the parsing of posts in Discourse, making it susceptible to regular expressi...
CVE-2021-31226
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to lack of size validation. This vulnerability requires the attacker to send a crafted HTTP POST request with a URI longer than 50 bytes. This leads...
CoTURN HTTP Server POST-parsing information leak vulnerability
Summary An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability. Teste...
Scientific Linux Security Update : php on SL6.x i386/x86_64 (20150709)
A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. CVE-2015-4024 An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP...
pserv buffer overflow
buffer overflow on POST parsing...