SUSE CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

CVE-2026-40510

CVE-2026-40510 affects OpenSC before 0.27.0-rc1. A stack buffer overflow in piv_process_history() (src/libopensc/card-piv.c) can memory-corrupt if a physically present attacker uses a crafted PIV card/USB device that returns a URL field longer than 118 bytes in the Key History Object ASN.1 respon...

CVE-2026-8363

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...

CVE-2026-8362

CVE-2026-8362 describes a stack-based buffer overflow in WOSDefaultHttpModule.dll when processing long URL paths starting with /woshome. Affected software/component: WOSDefaultHttpModule.dll. Root cause: unbounded processing of long URL path leading to overflow. Impact is described as high confid...

EUVD-2026-32643

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome...

CVE-2026-8363

CVE-2026-8363: A stack-based buffer overflow in WOSDeviceDropFolder.dll occurs when processing a long URL path starting with /resources. Documented under Gladinet Triofox; affected component is WOSDeviceDropFolder.dll. CVSS v3.1 shows a critical base score of 9.8 (Network, No user interaction, pr...

CVE-2026-8363

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from a stack buffer overflow issue when processing long URL paths that start with “/resources”...

CVE-2019-25595

CVE-2019-25595 affects jetAudio 8.1.7.20702 Basic. The vulnerability is a denial-of-service in the URL input handler: feeding an excessively long string (e.g., a 5000-character buffer) can crash the application. This is a local attack with no user interaction beyond opening the URL dialog. The av...

CVE-2019-25586

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' field during torrent addition to trigger an application crash...

CVE-2019-25586

Deluge 1.3.15 contains a local-denial-of-service vulnerability triggered by an excessively long string in the From URL field when adding a torrent; sending about 5000 characters can crash the application. The underlying issue is a buffer/length-related input handling vulnerability in the URL fiel...

CVE-2019-25586

Removed by vendor...

CVE-2019-25571

CVE-2019-25571 affects MediaMonkey 4.1.23. A DoS exists where opening a specially crafted MP3 containing an excessively long URL string can crash the application. The exploit involves a buffer of about 4000 bytes appended to a URL, triggering a crash when the file is opened via the File > Open...

CVE-2026-0919

The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can force...

EUVD-2026-4791

The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly handles requests containing an excessively long URL path. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can force...

TP-Link Tapo C220 and TP-Link Tapo C520WS have security vulnerabilities

Both the TP-Link Tapo C220 and TP-Link Tapo C520WS are WiFi cameras produced by the Chinese company TP-Link. There are security vulnerabilities in the TP-Link Tapo C220 v1 version and the TP-Link Tapo C520WS v2 version. These vulnerabilities stem from the HTTP parser’s improper handling of reques...

CVE-2018-10799

A hang issue was discovered in Brave before 0.14.0 on, for example, Linux. This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element...

CVE-1999-0222

Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL...

EUVD-2009-4995

Malware in sbrugna...