348 matches found
EUVD-2026-42644
Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...
CVE-2026-51601
Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...
CVE-2026-51601
The CVE describes a stack-based buffer overflow in the RTSP service of Tenda CP3 V3.0 firmware (version V31.1.9.91). The flaw arises from insufficient validation of the clock= value in the Range header during a PLAY request, enabling an unauthenticated remote attacker who has completed a standard...
CVE-2026-51601
Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...
Linux Distros Unpatched Vulnerability : CVE-2026-58470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows...
CVE-2026-58470
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...
CVE-2026-58470 GNU Wget 1.25.0 Integer Overflow via Content-Range Header Parsing
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...
CVE-2026-58470 GNU Wget 1.25.0 Integer Overflow via Content-Range Header Parsing
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...
CVE-2026-58470
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...
CVE-2026-58470
GNU Wget 1.25.0 and earlier is affected by an integer overflow in parse_content_range() (src/http.c) triggered by server-controlled Content-Range headers, leading to undefined behavior and download desynchronization. The issue is fixed in commit 43d3ba9, and users should upgrade to a version that...
EUVD-2026-42082
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...
CVE-2026-58470
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...
PT-2026-56239
Name of the Vulnerable Software and Affected Versions GNU Wget versions prior to 1.25.0 commit 43d3ba9 Description An integer overflow occurs in the parse content range function within src/http.c. This issue allows server-controlled values to cause signed integer arithmetic to overflow. An attack...
SUSE-SU-2026:22151-1 Security update for python-starlette
This update for python-starlette fixes the following issues - CVE-2025-54121: denial-of-service when parsing a multi-part form with large files bsc1246855. - CVE-2025-62727: DoS via Range header merging bsc1252805. - CVE-2026-48710: Missing Host header validation poisons request.url.path, bypassi...
OPENSUSE-SU-2026:20975-1 Security update for python-starlette
This update for python-starlette fixes the following issues - CVE-2025-54121: denial-of-service when parsing a multi-part form with large files bsc1246855. - CVE-2025-62727: DoS via Range header merging bsc1252805. - CVE-2026-48710: Missing Host header validation poisons request.url.path, bypassi...
EulerOS 2.0 SP11 : libsoup (EulerOS-SA-2026-2213)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in th...
Astra Linux – Vulnerability in Ruby-Rack
A denial-of-service vulnerability exists in the Range header parsing component of Rack, version 1.5.0 and later. A carefully crafted input can cause the Range header parsing component in Rack to take an unexpectedly long time, potentially leading to a denial-of-service attack. Any applications th...
Astra Linux – Vulnerability in Ruby-Rack
Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the Rack::File middleware or the...
SUSE-SU-2026:1745-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Update to version 2.27. Security issues fixed: - CVE-2026-26961: rack: greedy multipart boundary parsing can lead to parser differentials and WAF bypass bsc1261398. - CVE-2026-26962: rack: improper unfolding of folded multipart headers can le...
CLSA-2026-1776855452 libsoup: Fix of 2 CVEs
CVE-2026-1801: use CRLF as line boundary when parsing chunked encoding data to prevent HTTP request smuggling via lone LF - CVE-2026-2443: reject Range header ends exceeding content length to prevent out-of-bounds read in byte range handling...