CVE-2026-2548 WAYOS FBM-220G rc sub_40F820 command injection

A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub40F820 of the file rc. Executing a manipulation of the argument upnpwaniface/upnpssdpinterval/upnpmaxage can lead to command injection. The attack can be executed remotely. The vendor was contacted early about this...

CVE-2026-2548

A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub40F820 of the file rc. Executing a manipulation of the argument upnpwaniface/upnpssdpinterval/upnpmaxage can lead to command injection. The attack can be executed remotely. The vendor was contacted early about this...

WAYOS FBM-220G 安全漏洞

WAYOS FBM-220G is a network behavior management router developed by the Chinese company Wayos. Version 24.10.19 of WAYOS FBM-220G contains a security vulnerability. This vulnerability stems from improper handling of parameters upnpwaniface/upnpssdpinterval/upnpmaxage in the sub40F820 function in...

CVE-2025-61634

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

curl: Cookie Max-Age Integer Overflow Vulnerability

Summary: The cookie parsing code in lib/cookie.c contains an integer overflow vulnerability when processing the Max-Age attribute of HTTP cookies. The vulnerable code attempts to add the max-age value to the current timestamp without adequate overflow protection While the code includes an overflo...

CVE-2017-18589

An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic...

curl: PROTOCOL-LEVEL: Persistent UDP Amplification and Cache Poisoning via Alt-Svc Logic Flaw

Summary A structural logic flaw in the libcurl Alt-Svc header parser allows attack attributes specifically persist and max-age to "leak" from one service definition to another. We have successfully chained this logic bug with curl's HTTP/3 QUIC support to demonstrate a Persistent UDP Amplificatio...

EUVD-2021-1897

Malware in sbrugna...

Security Bulletin: IBM OpenPages Application API Response Caching Header Update

Summary Some IBM OpenPages API responses currently use the caching directive Cache-Control: max-age=0 instead of the more secure Cache-Control: no-store. While max-age=0 means the content is immediately stale, it may still be stored temporarily in browsers or intermediary caches. For sensitive...

PT-2025-42553

Name of the Vulnerable Software and Affected Versions mediawiki affected versions not specified Description The software has a potential issue related to setting the cache-control value of max-age=60 for redirects. This could potentially lead to unintended caching behavior. Recommendations At the...

kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set()

A race condition was found in the Linux kernel's net/bluetooth device driver within the conninfomin,maxageset function. This issue can lead to an integrity overflow issue, potentially disrupting Bluetooth connections or facilitating a denial of service attack...

kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set()

A race condition was found in the Linux kernel's net/bluetooth device driver within the conninfomin,maxageset function. This issue can lead to an integrity overflow issue, potentially disrupting Bluetooth connections or facilitating a denial of service attack...

undertow: LearningPushHandler can lead to remote memory DoS attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

undertow: LearningPushHandler can lead to remote memory DoS attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

undertow: LearningPushHandler can lead to remote memory DoS attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

undertow: LearningPushHandler can lead to remote memory DoS attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

PT-2024-40088 · Cometbft · Cometbft

Name of the Vulnerable Software and Affected Versions: CometBFT versions All Description: A default configuration in CometBFT has been found to be insufficient for common use cases, potentially preventing the slashing mechanism from working in specific cases. The default values for...

SUSE CVE-2024-24857

A race condition was found in the Linux kernel's net/bluetooth device driver in conninfomin,maxageset function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service...

Improper Input Validation in cookie

Affected versions of this crate use the time crate and the method Duration::seconds to parse the Max-Age duration cookie setting. This method will panic if the value is greater than 2^64/1000 and less than or equal to 2^64, which can result in denial of service for a client or server. This flaw w...

PYSEC-2021-91

The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version 3.4.5, the /login and...