55 matches found
EUVD-2019-19758
GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with oversized header values to crash the application and make i...
CVE-2019-25478 GetGo Download Manager 6.2.2.3300 Buffer Overflow DoS
GetGo Download Manager 6.2.2.3300 contains a buffer overflow vulnerability that allows remote attackers to cause denial of service by sending HTTP responses with excessively long headers. Attackers can craft malicious HTTP responses with oversized header values to crash the application and make i...
EUVD-2005-3181
Malware in sbrugna...
EUVD-2008-2705
Malware in sbrugna...
EUVD-1999-1315
Malware in sbrugna...
EUVD-2018-0302
Malware in sbrugna...
AZL-66527 CVE-2025-38572 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6_gso_segment(). syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb->transport_header. This 16bit field has a limited range. Add...
CVE-2025-38572
CVE-2025-38572 affects the Linux kernel IPv6 path, where an attacker could craft IPv6 extension headers to overflow skb->transport_header via ipv6_gso_segment() when processing very long headers. The root cause is related to the 16-bit transport header field handling, with a suggested fix addi...
AZL-77517 CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26
golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose...
SUSE CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
GHSA-GW84-84PC-XP82 Cross-site Scripting in djangorestframework
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
DEBIAN-CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
UBUNTU-CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
Django REST framework security vulnerability
Django REST framework is an open source, powerful and flexible toolkit for building Web APIs. A security vulnerability exists in Django REST framework prior to version 3.15.2, which stems from a cross-site scripting vulnerability in break_long_headers...
PT-2024-18934
Name of the Vulnerable Software and Affected Versions: djangorestframework versions prior to 3.15.2 Description: The issue arises from improper input sanitization in the break_long_headers template filter, leading to Cross-site Scripting (XSS) via this filter due to the splitting and joining of input...
Cross-site Scripting (XSS)
Overview: djangorestframework is a powerful and flexible toolkit for building Web APIs. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags. PoC views.py from...
Denial Of Service (DoS)
Riverline/multipart-parser is vulnerable to Denial of Service (DoS). The vulnerability is due to the lack of limits on the length of header lines, allowing attackers to overwhelm server resources by sending requests with exceptionally long headers, potentially leading to Denial of Service (DoS)...
CVE-2024-26146
A denial of service (DoS) vulnerability was found in rubygem-rack in how it parses Rack Header. Carefully crafted headers can cause header parsing in Rack to take longer than expected, resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Mitigation: No mitigati...
PT-2023-28913 · Unknown · Tungstenite
Name of the Vulnerable Software and Affected Versions: Tungstenite crate versions prior to 0.20.1 Description: The issue allows remote attackers to cause a denial of service, resulting in minutes of CPU consumption, via an excessive length of an HTTP header in a client handshake. The length affec...
SUSE CVE-2008-2711
fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages...