CVE-2026-32011

OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers for BlueBubbles and Google Chat that parse request bodies before performing authentication and signature validation. Unauthenticated attackers can exploit this by sending slow or oversized request...

python-werkzeug: high resource usage when parsing multipart form data with many fields

A flaw was found in python-werkzeug. Werkzeug is multipart form data parser, that will parse an unlimited number of parts, including file parts. These parts can be a small amount of bytes, but each requires CPU time to parse, and may use more memory as Python data. If a request can be made to an...

Cisco多款产品 安全漏洞

Cisco IOS, etc. are products of Cisco Cisco, U.S.A. Cisco IOS is a set of operating systems developed for its network devices.Cisco IOS XR is a set of operating systems developed for its network devices.Cisco IOS XE is an operating system. A security vulnerability exists in a number of Cisco...

CVE-2024-45863

A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00...

CVE-2024-45863

CVE-2024-45863 involves a null-dereference in Facebook Thrift when parsing requests that specify invalid protocols, affecting versions v2024.09.09.00 through v2024.09.23.00. The issue can cause the application to crash and may lead to other undesirable effects as described in connected advisories...

CVE-2024-45863

A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00...

Nomore403 - Tool To Bypass 403/40X Response Codes

nomore403 is an innovative tool designed to help cybersecurity professionals and enthusiasts bypass HTTP 40X errors encountered during web security assessments. Unlike other solutions, nomore403 automates various techniques to seamlessly navigate past these access restrictions, offering a broad...

OpenSIS ajax.php modname Code Execution (CVE-2013-1349)

A remote code execution vulnerability has been reported in OpenSIS. The vulnerability is due to insufficient validation of modname parameter while parsing requests to ajax.php module. A remote attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable server...

Apache APR apr_fnmatch Stack Overflow Denial of Service

A stack overflow vulnerability exists in Apache's APR library. The vulnerability is due to an error in directory file listing function, while parsing requests from a user...

hplip -- hpssd Denial of Service

Secunia reports: A security issue has been reported in hplip, which can be exploited by malicious, local users to cause a DoS. The security issue is caused due to an error within hpssd.py when parsing certain requests. This can be exploited to crash the service by sending specially crafted reques...