EUVD-2026-26953

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

CVE-2026-21488 iccDEV has Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...

EUVD-2018-3987

Malware in sbrugna...

Doctor Appointment Management System Session Hijacking Vulnerability

Doctor Appointment Management System is a doctor appointment management system. Doctor Appointment Management System suffers from a session hijacking vulnerability that stems from the /doctor/change-password.php component not properly terminating a session. No details of the vulnerability are...

PHPGurukul Doctor Appointment Management System 安全漏洞

Doctor Appointment Management System is a doctor appointment management system. Doctor Appointment Management System suffers from a session hijacking vulnerability that stems from the /doctor/change-password.php component not properly terminating a session. No details of the vulnerability are...

nodejs: Improper HTTP Header Termination in Node.js 20 Enables Request Smuggling

A flaw was found in the HTTP parser of Node.js. This vulnerability allows attackers to perform request smuggling and bypass proxy-based access controls via improperly terminated HTTP/1 headers using \r\n\rX instead of the standard \r\n\r\n...

Node.js < 20.19.2 HTTP Request Smuggling Vulnerability - Windows

Node.js is prone to an HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

CVE-2025-23167

A flaw in Node.js 20's HTTP parser allows improper termination of HTTP/1 headers using \r\n\rX instead of the required \r\n\r\n. This inconsistency enables request smuggling, allowing attackers to bypass proxy-based access controls and submit unauthorized requests. The issue was resolved by...

CVE-2022-26635

PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly...

The vulnerability of the Astra Linux Directory Service Management System (ALD) allows a violator to trigger a service failure by preventing resources from being released after their useful life has expired.

The vulnerability of the Astra Linux Directory Service Management System ALD is related to the improper termination of software during operation. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the Astra Linux Directory Service Management System (ALD) allows a violator to trigger a service failure by preventing resources from being released after their useful life has expired.

The vulnerability of the Astra Linux Directory Service Management System ALD is related to the improper termination of software programs. Exploiting this vulnerability can allow an attacker to cause service failures...

CVE-2002-0001

Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list...