EUVD-2026-40436
Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validatepasswordcompliance endpoint that returns different error responses for malformed, non-existent, and existing organization IDs. Unauthenticated attackers can enumerate valid organization UUIDs by observi...
EUVD-2026-40320
Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server of type LB, CS, VPN or the service configured on NetScaler...
undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...
PT-2026-53868
Name of the Vulnerable Software and Affected Versions: NetScaler ADC (affected versions not specified); NetScaler Gateway (affected versions not specified). Description: A denial of service issue exists when HTTP/2 is enabled in the HTTP Profile and associated with a virtual server of type LB, CS, or VPN...
CVE-2026-9716
CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the device’s HMI and configuration functionality unavailable when malformed requests are received over exposed network interfaces...
CVE-2026-9716
CVE-2026-9716 describes a CWE-476 NULL Pointer Dereference that could cause a denial-of-service, rendering a device’s HMI and configuration functionality unavailable when malformed requests hit exposed network interfaces. The root cause is a NULL pointer dereference; impact is high availability l...
PT-2026-52400
Name of the Vulnerable Software and Affected Versions: EmberZNet versions prior to 9.0.3. Description: Malformed Over-the-Air (OTA) requests can cause the OTA server parser to perform out-of-bounds reads, which occurs when the software reads data outside the intended boundary of a buffer. This allows ...
Astra Linux – Vulnerability in Jetty9
There exists a security vulnerability in Jetty’s ThreadLimitHandler.getRemote method, which can be exploited by unauthorized users to trigger remote denial-of-service (DoS) attacks. By repeatedly sending malicious requests, attackers can cause OutOfMemory errors and exhaust the server’s memory...
Astra Linux – Vulnerability in Apache2
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...
EUVD-2026-36408
A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
httpd: mod_proxy_ajp: off-by-one out-of-bounds reads in AJP getter functions
A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...
CVE-2026-48135
A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...
CVE-2026-48135 HTTP service can incorrectly process malformed HTTP requests
A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...
EUVD-2026-31822
A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...
CVE-2026-48135
Technical details about CVE-2026-48135 are not publicly available in the provided documents; no affected products, impact, or remediation are disclosed. Monitor for updates.
PT-2026-43239
Name of the Vulnerable Software and Affected Versions: Check Point (affected versions not specified). Description: A Check Point HTTP-based service incorrectly handles malformed HTTP requests due to issues in HTTP request parsing and validation. Recommendations: At the moment, there is no information...