2 matches found
CVE-2026-47138 Parse Server: Pre-authentication denial of service via client version header regex backtracking
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.77 and 9.9.1-alpha.1, an unauthenticated attacker who knows a publicly-known Parse Application ID can submit a single HTTP request whose client SDK version field contains...
CVE-2018-20336
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parsereqqueries function in wanduck.c via a long string over UDP, which may lead to an information leak...