Lucene search
K

34176 matches found

Cvelist
Cvelist
added 2026/03/07 4:8 p.m.27 views

CVE-2026-29076 cpp-httplib: Stack Overflow Denial of Service (DoS) via std::regex in multipart filename parsing

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS0.00602EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/07 4:8 p.m.3 views

EUVD-2026-10158

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS5.6AI score0.00602EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/07 4:8 p.m.3 views

CVE-2026-29076 cpp-httplib: Stack Overflow Denial of Service (DoS) via std::regex in multipart filename parsing

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS5.6AI score0.00602EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/07 4:8 p.m.7 views

CVE-2026-29076

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS5.6AI score0.00602EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/03/07 4:8 p.m.3 views

CVE-2026-29076

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS5.5AI score0.00602EPSS
Exploits1
OSV
OSV
added 2026/03/07 4:8 p.m.3 views

CVE-2026-29076 cpp-httplib: Stack Overflow Denial of Service (DoS) via std::regex in multipart filename parsing

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. The regex engine in libstdc++ implements backtracking via deep...

5.9CVSS5.6AI score0.00602EPSS
Exploits1References5
Veracode
Veracode
added 2026/03/07 5:2 a.m.7 views

Denial Of Service (DoS)

tools.jackson.core, jackson-core is vulnerable to Denial of Service DoS. The vulnerability is due to the UTF8DataInputJsonParser and ReaderBasedJsonParser bypassing the maxNestingDepth constraint when parsing JSON, which allows an attacker to supply excessively nested JSON input that triggers a...

8.7CVSS5.8AI score0.00552EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.6 views

CVE-2026-3613

A vulnerability was identified in Wavlink WL-NU516U1 V240425. This vulnerability affects the function sub401A0C of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly...

8.6CVSS7.5AI score0.00709EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.7 views

cpp-httplib 安全漏洞

cpp-httplib is a C++ library developed by Yhirose, which includes servers and clients for HTTP/HTTPS protocols. Versions of cpp-httplib prior to 0.37.0 contained security vulnerabilities. These vulnerabilities stemmed from stack overflows that occurred when the std::regex library was used to pars...

5.9CVSS5.8AI score0.00602EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.2 views

PT-2026-23867

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.37.0 Description The software uses std::regex libstdc++ to parse RFC 5987 encoded filename values in multipart Content-Disposition headers. A crafted filename parameter can cause uncontrolled stack growth due to...

8.7CVSS5.8AI score0.00602EPSS
Exploits6References34
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.5 views

Tenda FH451 安全漏洞

The Tenda FH451 is a router produced by the Chinese company Tenda. Version 1.0.0.9 of the Tenda FH451 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters mitlinktype/PPPOEPassword in the file/goform/QuickIndex, which may lead to a stack buffer overflo...

9CVSS7.7AI score0.00594EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.11 views

PT-2026-23887

Name of the Vulnerable Software and Affected Versions Tenda FH451 version 1.0.0.9 Description A stack-based buffer overflow exists in the function sub 3C434 of the file /goform/AdvSetWan. Manipulation of the wanmode/PPPOEPassword argument can trigger this issue. The attack can be initiated remote...

9CVSS7.6AI score0.00563EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/03/07 12:0 a.m.12 views

PT-2026-23888

Name of the Vulnerable Software and Affected Versions Tenda FH451 version 1.0.0.9 Description A stack-based buffer overflow exists in the formQuickIndex function of the /goform/QuickIndex file. Manipulation of the mit linktype/PPPOEPassword argument can trigger this issue, allowing for remote...

9CVSS7.7AI score0.00594EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.5 views

Tenda FH451 安全漏洞

The Tenda FH451 is a router produced by the Chinese company Tenda. Version 1.0.0.9 of the Tenda FH451 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters “wanmode” and “PPPOEPassword” in the file/goform/AdvSetWan, which may lead to a stack buffer...

9CVSS7.7AI score0.00563EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/03/06 2:10 p.m.5 views

CVE-2026-29062

A flaw was found in jackson-core. A user could exploit this vulnerability by supplying a specially crafted JSON document with excessive nesting. This bypasses a security constraint designed to limit nesting depth, which can cause a system crash StackOverflowError when the document is processed...

8.7CVSS5.7AI score0.00552EPSS
Exploits0References6
OSV
OSV
added 2026/03/06 12:41 p.m.3 views

OESA-2026-1501 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.5CVSS6AI score0.00284EPSS
Exploits0References2
OSV
OSV
added 2026/03/06 12:41 p.m.1 views

OESA-2026-1500 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.5CVSS6AI score0.00284EPSS
Exploits0References2
OSV
OSV
added 2026/03/06 12:41 p.m.2 views

OESA-2026-1498 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.5CVSS6AI score0.00284EPSS
Exploits0References2
OSV
OSV
added 2026/03/06 12:41 p.m.4 views

OESA-2026-1497 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.5CVSS6AI score0.00284EPSS
Exploits0References2
OSV
OSV
added 2026/03/06 11:37 a.m.4 views

SUSE-SU-2026:20657-1 Security update for libxslt, libxml2

This update for libxslt, libxml2 fixes the following issues: libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI bsc1256807, bsc1256811 - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to...

6.2CVSS6.2AI score0.00725EPSS
Exploits3References21
Rows per page
Query Builder