35 matches found

Cvelist
added 2026/05/28 2:13 p.m., 24 views

CVE-2026-35672 phpMyFAQ - Authentication Bypass via Empty API Token

phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in API v4.0 where the default empty api.apiClientToken allows unauthenticated users to create and modify FAQ entries. Attackers can send an empty x-pmf-token header to bypass token validation and inject malicious content via PO...

CVSS 8.7, EPSS 0.00098
Exploits 0, References 2
Snyk
added 2026/05/20 3:46 p.m., 10 views

Insecure Default Initialization of Resource

Overview: thorsten/phpmyfaq is a FAQ system for PHP with MySQL, PostgreSQL and other databases. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the hasValidToken function. An attacker can gain unauthorized access to create and modify FAQ entries,...

CVSS 8.7, AI score 5.8, EPSS 0.00098
Exploits 0, References 2
AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in haproxy

Before version 2.7.3, HAProxy might allow a bypass of access control mechanisms, as HTTP/1 headers were inadvertently lost in certain situations, also known as “request smuggling.” The HTTP header parsers in HAProxy might accept empty header field names, which could be used to omit the list of HT...

CVSS 9.1, AI score 7.1, EPSS 0.17535
Exploits 0, References 2
OSV
added 2026/03/20 9:05 a.m., 1 view

BIT-CEPH-2024-47866 RGW DoS attack with empty HTTP header in S3 object copy

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

CVSS 7.5, AI score 5.7, EPSS 0.00128
Exploits 1, References 3
RedHat Linux
added 2026/02/17 12:55 a.m., 7 views

rgw: RGW DoS attack with empty HTTP header in S3 object copy

A flaw was found in Ceph RGW. Using the x-amz-copy-source header to upload an empty object will cause Ceph RGW to crash, leading to availability issues...

CVSS 7.5, AI score 5.7, EPSS 0.00128
Exploits 1, References 5
OSV
added 2025/12/29 8:41 p.m., 3 views

MGASA-2025-0333 Updated ceph packages fix security vulnerability

RGW DoS attack with empty HTTP header in S3 object copy. CVE-2024-47866...

CVSS 7.5, AI score 6.5, EPSS 0.00128
Exploits 1, References 4
Cvelist
added 2025/11/12 6:28 p.m., 7 views

CVE-2024-47866 RGW DoS attack with empty HTTP header in S3 object copy

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

CVSS 7.5, EPSS 0.00128
Exploits 1, References 1
OSV
added 2025/11/12 6:28 p.m., 2 views

CVE-2024-47866 RGW DoS attack with empty HTTP header in S3 object copy

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

CVSS 7.5, AI score 6.3, EPSS 0.00128
Exploits 1, References 4
Snyk
added 2025/09/02 12:42 a.m., 1 view

Incorrect Implementation of Authentication Algorithm

Overview: esphome is a tool that makes creating custom firmware for ESP32/ESP8266 boards easy. Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm in the web server authentication process. An attacker can gain unauthorized access to web server functionality...

CVSS 8.6, AI score 6.9, EPSS 0.04759
Exploits 1, References 2
CVE
added 2025/09/02 12:26 a.m., 13 views

CVE-2025-57808

ESPHome's ESP-IDF web_server authentication check in version 2025.8.0 can be bypassed when the client-supplied Base64 Authorization value is empty or a substring of the correct value, allowing access to web_server functionality (including OTA if enabled) without valid credentials. This authentication ...

CVSS 8.1, AI score 6.3, EPSS 0.04759
Exploits 1, References 2, Affected Software 1
SUSE Linux
added 2025/05/19 5:21 p.m., 1 view

Security update for apache2-mod_auth_openidc

This update for apache2-mod_auth_openidc fixes the following issue: CVE-2025-3891: denial of service via POST requests with an empty Content-Type header when OIDCPreservePost is On (bsc#1242015). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.2, AI score 7.3, EPSS 0.00673
Exploits 0, References 4
OSV
added 2024/12/11 9:21 a.m., 3 views

CLSA-2024-1733908866 Fix CVE(s): CVE-2023-25725

SECURITY UPDATE: The HTTP header parsers in HAProxy may accept empty header field names. debian/patches/CVE-2023-25725.patch: prevent empty header field names (CVE-2023-25725)...

CVSS 9.1, AI score 7.2, EPSS 0.17535
Exploits 0, References 1
OSV
added 2024/12/03 5:28 a.m., 0 views

USN-7135-1 haproxy vulnerability

Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions...

CVSS 9.1, AI score 7.3, EPSS 0.17535
Exploits 0, References 2
CNVD
added 2024/11/21 12:00 a.m., 10 views

Unspecified vulnerability in Linux kernel (CNVD-2024-46446)

Linux kernel is the kernel of the open-source Linux operating system, maintained by the Linux Foundation in the United States. The Linux kernel has a security vulnerability that stems from an empty header address. No details of the vulnerability are provided at this time...

CVSS 5.5, AI score 6.6, EPSS 0.00012
Exploits 0, References 1
CNNVD
added 2024/11/19 12:00 a.m., 1 view

Linux kernel security vulnerability

Linux kernel is the kernel of the open-source Linux operating system, maintained by the Linux Foundation in the United States. The Linux kernel has a security vulnerability that stems from an empty header address. No details of the vulnerability are provided at this time...

CVSS 5.5, AI score 8.2, EPSS 0.00012
Exploits 0, References 5
Amazon
added 2023/09/25 12:00 a.m., 3 views

Important: haproxy2

Issue Overview: HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and...

CVSS 9.1, AI score 6.9, EPSS 0.17535
Exploits 0
OSV
added 2023/08/10 9:15 p.m., 2 views

AZL-27912 CVE-2023-40225 affecting package haproxy for versions less than 2.4.24-1

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpre...

CVSS 7.2, AI score 7.1, EPSS 0.00091
Exploits 1, References 1
Microsoft CVE
added 2023/02/20 8:00 a.m., 3 views

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3 the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29 and 2.0.31.

CVSS 9.1, AI score 7.5, EPSS 0.17535
Exploits 0
SUSE CVE
added 2023/02/15 6:02 a.m., 1 view

SUSE CVE-2009-3704

ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, allows remote attackers to cause a denial of service (crash) via a SIP INVITE request with an empty Call-Info header...

CVSS 5, AI score 6.9, EPSS 0.05499
Exploits 1, References 3
SUSE CVE
added 2023/02/15 5:43 a.m., 3 views

SUSE CVE-2012-5533

The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header...

CVSS 5, AI score 6.8, EPSS 0.37913
Exploits 7, References 3