52 matches found
CVE-2019-12159
GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function when called from getRequestType via a long URL...
EUVD-2009-3673
Malware in sbrugna...
EUVD-2009-5119
Malware in sbrugna...
EUVD-2020-4907
Malware in sbrugna...
EUVD-2025-12733
Malicious code in bioql PyPI...
CVE-2010-10016
BS.Player version 2.57 build 1051 contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded i...
CVE-2009-20008 Green Dam 3.17 URL Processing Buffer Overflow
Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplied data into a fixed-size buffer. A remote attacker can...
CVE-2010-10016
BS.Player 2.57 (build 1051) has a buffer overflow in playlist import when parsing .m3u files due to improper validation of entry lengths. The flaw affects Unicode parsing on the Windows client and can overwrite SEH records when processing long URLs embedded in a crafted playlist, as described acr...
CVE-2010-10016
BS.Player version 2.57 build 1051 contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded i...
PT-2025-35368
Name of the Vulnerable Software and Affected Versions: BS.Player version 2.57 build 1051 Description: BS.Player version 2.57 build 1051 contains a flaw in its playlist import functionality. When processing .m3u files, the application does not properly validate the length of playlist entries,...
CVE-1999-0281
Denial of service in IIS using long URLs...
CVE-2025-3859
Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage This vulnerability affects Focus 138...
CVE-2025-3859 Firefox Focus elide URL allows address bar spoofing
Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage. This vulnerability was fixed in Focus 138...
firefox: thunderbird: Origin of permission prompt could be spoofed by long URL
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Truncation of a long URL could have allowed origin spoofing in a permission prompt...
BIT-ENVOY-2020-12605
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs...
PT-2023-12621 · Unknown · Cetic-6Lbr
Name of the Vulnerable Software and Affected Versions: CETIC-6LBR aka 6lbr version 1.5.0 Description: The issue is a strcat stack-based buffer overflow that occurs when a request for a long URL is made over a 6LoWPAN network. This can be exploited via the httpd.c file in the...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when echoing the request URL as an X-Up-Location response header. By making a request with exceedingly long URLs paths or query string, an attacker can cause unpoly-rails to write a exceedingly large response heade...
SUSE-SU-2023:1658-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2023-27522: Fixed HTTP response splitting in modproxyuwsgi bsc1209049. - CVE-2023-25690: Fixed HTTP request splitting with modrewrite and modproxy bsc1209047. The following non-security bugs were fixed: - Fixed modproxy handling of very lo...
CVE-2020-12605
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs...
tinylcy Vino Input Validation Error Vulnerability
tinylcy Vino is a web server written in the C language. An input validation error vulnerability exists in tinylcy Vino 2017-12-15 and earlier versions, which can be exploited by remote attackers to cause a denial of service with the help of longer URLs...