Lucene search
K

10 matches found

OSV
OSV
added yesterday3 views

GHSA-VHCH-2WF3-M8RP Netty: Denial of Service via Unbounded Headers in StompSubframeDecoder

Summary The StompSubframeDecoder fails to limit the total number of headers or their cumulative size per frame, allowing an attacker to cause an OutOfMemoryError, leading to a Denial of Service. Details io.netty.handler.codec.stomp.StompSubframeDecoder implements the STOMP protocol. The...

7.5CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added 2026/07/08 4:19 p.m.37 views

CVE-2025-3110

OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attackers to perform HTTP request smuggling when deployed behind a reverse proxy...

6.9CVSS0.00259EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.5 views

PT-2026-31016

Name of the Vulnerable Software and Affected Versions OpenTelemetry-Go versions 1.36.0 through 1.40.0 Description The OpenTelemetry-Go implementation is susceptible to a remote request amplification issue due to the way it handles multi-value baggage headers. Specifically, the extractMultiBaggage...

9.8CVSS6AI score0.00868EPSS
Exploits1References429
Cvelist
Cvelist
added 2026/01/27 1:43 p.m.33 views

CVE-2026-1485 Glib: glib: local denial of service via buffer underflow in content type parsing

A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access...

2.8CVSS0.00139EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.5 views

SUSE CVE-2004-0493

The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...

6.4CVSS7.4AI score0.84784EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.5 views

SUSE CVE-2004-0942

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service CPU consumption via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters...

5CVSS6.9AI score0.55105EPSS
Exploits7References5
NVD
NVD
added 2013/08/16 1:55 a.m.18 views

CVE-2013-4698

Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox...

3.5CVSS6.1AI score0.0097EPSS
Exploits0References4
OSV
OSV
added 2004/08/06 4:0 a.m.3 views

DEBIAN-CVE-2004-0493

The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...

6.4CVSS7.4AI score0.84784EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2004/07/06 8:35 a.m.4 views

security flaw

The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...

6.4CVSS6.1AI score0.84784EPSS
Exploits1References4
Cvelist
Cvelist
added 2004/06/30 4:0 a.m.27 views

CVE-2004-0493

The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...

6.9AI score0.84784EPSS
Exploits1References24
Rows per page
Query Builder