Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/02/10 1:23 p.m.5 views

CVE-2026-22904

Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...

9.8CVSS6.1AI score0.00541EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/09 7:40 a.m.3 views

CVE-2026-22904 Stack Overflow via Oversized Cookie Fields in lighttpd

Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...

9.8CVSS6.2AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/09 7:40 a.m.30 views

CVE-2026-22904 Stack Overflow via Oversized Cookie Fields in lighttpd

Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...

9.8CVSS0.00541EPSS
Exploits0References1
CVE
CVE
added 2026/02/09 7:40 a.m.19 views

CVE-2026-22904

CVE-2026-22904 affects lighttpd, where improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow. This can result in a denial-of-service condition and potentially r...

9.8CVSS6.2AI score0.00541EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/09 7:40 a.m.9 views

CVE-2026-22904

Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...

9.8CVSS6.2AI score0.00541EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.4 views

PT-2025-9200 · Ntpd-Rs · Ntpd-Rs

Name of the Vulnerable Software and Affected Versions: ntpd-rs versions prior to 1.5.0 Description: Two denial of service issues were found in the handling of NTS cookies in the client functionality. These issues can cause ntpd-rs to crash when an NTS source is configured and the server sends...

5.3CVSS7.5AI score
Exploits0References5
Rows per page
Query Builder