12 matches found
CVE-2024-5940
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handle_request' function in all versions up to, and including, 3.13.0. This makes it possible for unauthenticated attackers to edi...
CVE-2024-22086
handle_request in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution...
cherry security vulnerability
cherry is an HTTP server for Chee Personal Developers. A security vulnerability exists in cherry, which stems from a stack buffer overflow in the handle_request function in http.c, leading to remote code execution...
CVE-2024-22086
CVE-2024-22086 affects the Cherry HTTP server. The vulnerability is a stack-based buffer overflow in the handle_request() function in http.c caused by using sscanf with a long URI, enabling remote code execution. Affected versions are Cherry up to 4b877df; explicit fixes are not documented in the...
GHSA-XVV9-5J67-3RPQ zola Path Traversal vulnerability
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control...
CVE-2023-40274
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control...
CVE-2023-40274
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control...
CVE-2023-40274
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control...
CVE-2023-40274
An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control...
Updated toxcore packages fix security vulnerability
Stack-based buffer overflow in handle_request in DHT.c CVE-2021-44847...
UBUNTU-CVE-2021-44847
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 caused by an improper length calculation during the handling of received network packets allows remote attackers to crash the process or potentially execute arbitrary code via...
CVE-2021-32030
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.438446630 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handlereques...