6 matches found
CVE-2026-22904
Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...
CVE-2026-22904 Stack Overflow via Oversized Cookie Fields in lighttpd
Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...
CVE-2026-22904 Stack Overflow via Oversized Cookie Fields in lighttpd
Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...
CVE-2026-22904
CVE-2026-22904 affects lighttpd, where improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow. This can result in a denial-of-service condition and potentially r...
CVE-2026-22904
Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...
PT-2025-9200 · Ntpd-Rs · Ntpd-Rs
Name of the Vulnerable Software and Affected Versions: ntpd-rs versions prior to 1.5.0 Description: Two denial of service issues were found in the handling of NTS cookies in the client functionality. These issues can cause ntpd-rs to crash when an NTS source is configured and the server sends...