Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/18 4:5 p.m.22 views

CVE-2026-55203 HAProxy - Integer Overflow in FCGI Demux Record Length Field

HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...

9CVSS0.00321EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-34831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Filesfail sets the Content-Length response header using Stringsi...

6.5CVSS6.5AI score0.00147EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/03 8:39 p.m.4 views

CVE-2026-34831

A flaw was found in Rack. A remote attacker can exploit this vulnerability by requesting a non-existent path containing percent-encoded UTF-8 characters. This causes Rack::Filesfail to incorrectly calculate the Content-Length header, using Stringsize instead of Stringbytesize for multibyte...

6.5CVSS5.8AI score0.00147EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/07/19 2:2 a.m.5 views

SUSE CVE-2023-38409

An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...

2.9CVSS6.8AI score0.0018EPSS
Exploits0References9
Rows per page
Query Builder