CVE-2026-28435 Payload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplib

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

[SECURITY] [DLA 4054-1] tryton-client security update

Debian LTS Advisory DLA-4054-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert February 16, 2025 https://wiki.debian.org/LTS Package : tryton-client Version : 5.0.33-1+deb11u1 CVE ID : not yet available Debian Bug : none Cédric Krier has found that trytond, the...

Revotech I6032B-P Remote Configuration Disclosure

!/usr/bin/perl Revotech I6032B-P POE 1920x1080P 2.0MP Outdoor Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially th...

Bypassing TrendMicro InterScan VirusWall

Bypassing TrendMicro InterScan VirusWall Overview According to our tests, TrendMicro VirusWall can be bypassed when using : HTTP 1.1 chunked transfert encoding. HTTP 1.0 gzip content encoding for Windows platforms only. Description While HTTP/1.0 includes the Content-Encoding header, which...