Lucene search
K

39 matches found

CNNVD
CNNVD
added 2025/08/30 12:0 a.m.5 views

BS.Player 安全漏洞

BS.Player is a multimedia player from BS. A security vulnerability exists in BS.Player version 2.57 build 1051, which stems from insufficient validation of the URL length when processing .m3u files, and may result in a buffer overflow...

10CVSS7.1AI score0.00704EPSS
Exploits0References7
NVD
NVD
added 2025/07/07 5:15 p.m.13 views

CVE-2025-53530

WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the errorstr parameter. Tests confirmed that the server processes URLs up to...

8.7CVSS0.00392EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2024/09/09 8:19 p.m.158 views

path-to-regexp outputs backtracking regular expressions

Impact A bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period .. For example, /:a-:b. Patches For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0. These versions add backtrack protection...

7.5CVSS7.3AI score0.00932EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2023/04/25 9:15 p.m.6 views

ALPINE-CVE-2023-29007

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted .gitmodules file with submodule URLs that are longer than 1024 characters can used to exploit a bug in...

7.8CVSS8AI score0.06079EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/05/10 12:0 a.m.6 views

TOTOLINK N600R 缓冲区错误漏洞

TOTOLINK N600R is a wireless router from Gion Electronics TOTOLINK, Taiwan, China.A buffer overflow vulnerability exists in TOTOLINK N600R V4.3.0cu.7647B20210106, which stems from a lack of length validation of the url parameter in the FUN00415bf0 function. An attacker could exploit this...

10CVSS8.9AI score0.01684EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2020/04/06 5:2 a.m.32 views

CVE-2020-7212

The encodeinvalidchars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service CPU consumption because of an inefficient algorithm. The percentencodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.8CVSS2.2AI score0.03288EPSS
Exploits0References5
Prion
Prion
added 2020/03/06 8:15 p.m.22 views

Code injection

The encodeinvalidchars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service CPU consumption because of an inefficient algorithm. The percentencodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.8CVSS7.3AI score0.03288EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2019/01/11 12:0 a.m.5 views

Foxit PDF SDK ActiveX Buffer Overflow Vulnerability

Foxit PDF SDK ActiveX is China's Foxit Foxit Software Corporation of a PDF software development kit, but also a visual programming components, it provides PDF display and annotation and other functions. A stack buffer overflow vulnerability exists in Foxit PDF SDK ActiveX 5.5.0 and earlier...

7.8CVSS7.5AI score0.04896EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/11 12:0 a.m.5 views

F5 BIG-IP APM Remote Denial of Service Vulnerability

The F5 BIG-IP is a load balancer that uses a variety of distribution algorithms to distribute network requests to available servers in a server cluster, enabling network visitors to have the best possible networking experience by managing incoming Web data traffic and increasing effective network...

5.3CVSS6.6AI score0.0074EPSS
Exploits0References1
OSV
OSV
added 2017/05/09 3:29 p.m.3 views

CVE-2017-0302

In F5 BIG-IP APM 12.0.0 through 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters...

5.3CVSS5.8AI score0.0074EPSS
Exploits0References2
w3af
w3af
added 2013/06/10 11:2 p.m.21 views

motw

This plugin will specify whether the page is compliant against the MOTW standard. The standard is explained in: http://msdn2.microsoft.com/en-us/library/ms537628.aspx This plugin tests if the length of the URL specified by "XYZW" is lower, equal or greater than the length of the URL; and also...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2011/11/01 12:0 a.m.2 views

Green Dam URL Length Buffer Overflow

A remote code execution vulnerability has been reported in Green Dam. The vulnerability is due to a boundary check error while filtering specially crafted URLs. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a malicious link. Successful exploitation woul...

8.3AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/08 12:0 a.m.38 views

jetAudio 7.0.5 - '.asx' Remote Stack Overflow (PoC)

Application: jetAudio = 7.0.5 .ASX Remote Stack Overflow Web Site: http://www.cowonamerica.com/download/ Platform: Windows Bug:Remote Stack Overflow Extension: ASX special condition: none ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.31 views

WebLogic Server DoS

Requesting an overly long URL starting with a double dot can crash certain version of WebLogic servers. SPDX-FileCopyrightText: 2001 StrongHoldNet Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS6.7AI score0.78371EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2004/08/26 12:0 a.m.40 views

gaim -- multiple buffer overflows

Sean infamous42md reports several situations in gaim that may result in exploitable buffer overflows: Rich Text Format RTF messages in Novell GroupWise protocol Unsafe use of gethostbyname in zephyr protocol URLs which are over 2048 bytes long once decoded...

7.5CVSS6.6AI score0.05427EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/10 12:0 a.m.11 views

Opera < 7.20 news URL Handling DoS

The version of Opera installed on the remote host reportedly crashes when processing a 'news:' URL of excessive length, that may result in a denial of service. It has been reported that this issue will trigger a condition that will prevent Opera from functioning until the program has been...

5.4AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.26 views

CVE-2000-1007

I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors...

6.4AI score0.01137EPSS
Exploits0References2
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.21 views

websuite.txt

Advisory: Buffer overflow in SmartDesk WebSuite v2.1 Platforms Affected: Windows NT, Windows 98 Found by: cmart [email protected] Date: 5/23/99 Description: ----------- WebSuite v2.1 will crash when an additional 250+ characters is appended after the sites URL on NT Server 4 and NT Workstatio...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1997/06/21 12:0 a.m.12 views

Microsoft IIS 2.03.0 - Long URL Denial of Service

Microsoft IIS 2.03.0 - Long URL Denial of Service // source: https://www.securityfocus.com/bid/2654/info Microsoft Internet Information Server is vulnerable to a denial of service. This particular denial of service affects versions 2.0, 3.0 and 4.0 of the server prior to service pack 4. The URL...

7.3AI score
Exploits0
Rows per page
Query Builder