CVE-2026-34831

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the...

Ubuntu: Security Advisory (USN-7951-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2018-7159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as...

Tenda i22 代码问题漏洞

The Tenda i22 is a wireless access point from Tenda China. A code issue vulnerability exists in the Tenda i22 that stems from improper handling of the parameter Content-Length, resulting in a null pointer dereference. An attacker can exploit this vulnerability to upload arbitrary files...

Microsoft IIS/5 bogus Content-length bug.

Let's say that it's a bug, not a security flaw, but probably can lead into denial of service with some tweaking. When you send a bad request to Microsoft IIS/5.0 server it gives you the error and closes the connection, like when you fail to authenticate. Well... let's take a look to a normal...