
243 matches found

Cvelist
added 2025/04/03 12:0 a.m. · 6 views

CVE-2025-29462

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack...

0.00673 EPSS
Exploits 1 · References 1

Positive Technologies
added 2025/04/03 12:0 a.m. · 2 views

PT-2025-14788 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda Ac15 version 15.13.07.13 Description: A buffer overflow issue has been discovered. It occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer ...

9.8 CVSS · 9.6 AI score · 0.00673 EPSS
Exploits 1 · References 5

CNNVD
added 2025/03/30 12:0 a.m. · 2 views

TRENDnet TI-G102i security vulnerability

The TRENDnet TI-G102i is a smart switch from Trendnet, Inc. A security vulnerability exists in TRENDnet TI-G102i versions 1.0.7.S0 and 1.0.8.S0, which stems from a null pointer dereference issue in the HTTP request processing component...

7.1 CVSS · 6.6 AI score · 0.00132 EPSS
Exploits 0 · References 2

CNNVD
added 2025/03/30 12:0 a.m. · 1 views

TRENDnet TEW-410APB security vulnerability

The TRENDnet TEW-410APB is a wireless access point from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-410APB version 1.3.06b, which stems from a null pointer dereference issue in the HTTP request processing component...

7.1 CVSS · 6.6 AI score · 0.00275 EPSS
Exploits 1 · References 6

CNNVD
added 2025/03/30 12:0 a.m. · 1 views

TRENDnet TEW-818DRU security vulnerability

The TRENDnet TEW-818DRU is a wireless router from Trendnet, Inc. A security vulnerability exists in the TRENDnet TEW-818DRU version 1.0.14.6, which originates from a denial of service issue in the HTTP request processing component...

7.1 CVSS · 6.5 AI score · 0.00365 EPSS
Exploits 1 · References 2

BDU FSTEC
added 2025/03/03 12:0 a.m. · 1 views

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software allows a hacker to trigger a service failure.

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software is related to shortcomings in HTTP request processing. Exploiting this vulnerability could allow an attacker to cause service failures...

4.7 CVSS · 5.4 AI score · 0.00014 EPSS
Exploits 0 · References 10 · Affected Software 1

Mageia
added 2025/02/12 6:37 a.m. · 29 views

Updated python-waitress packages fix security vulnerabilities

Waitress has a request processing race condition in HTTP pipelining with an invalid first request (CVE-2024-49768). Waitress has a denial of service leading to high CPU usage/resource exhaustion (CVE-2024-49769)...

9.1 CVSS · 8.2 AI score · 0.01524 EPSS
Exploits 0 · References 2

RedHat Linux
added 2025/02/10 1:6 a.m. · 19 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-waitress) security update

An update for python-waitress is now available for Red Hat OpenStack Platform 17.1 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

9.1 CVSS · 6.7 AI score · 0.01524 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2025/02/10 12:0 a.m. · 1 views

The vulnerability of the OTRS request processing system, related to incorrect handling of HTTP request headers, allows a hacker to upload arbitrary files.

The vulnerability of the OTRS request processing system is related to the improper handling of HTTP request headers due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to upload arbitrary files...

6.4 CVSS · 5.6 AI score · 0.00141 EPSS
Exploits 0 · References 3 · Affected Software 1

RedhatCVE
added 2025/02/05 2:56 p.m. · 8 views

CVE-2020-15632

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-842 3.13B05 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HNAP GetCAPTCHAsetting requests. The issue...

8.8 CVSS · 7.5 AI score · 0.04203 EPSS
Exploits 0

BDU FSTEC
added 2025/01/17 12:0 a.m. · 1 views

The vulnerability of the Drupal CMS system’s RESTful Web Services module, related to errors in request processing, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Drupal CMS system’s RESTful Web Services module is related to errors in request processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8 CVSS · 5.5 AI score · 0.00246 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2025/01/16 12:0 a.m. · 1 views

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes, related to the failure to protect the SQL query structure, allows attackers to execute SQL injections.

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute SQL injections remotely...

9 CVSS · 5.7 AI score · 0.00688 EPSS
Exploits 0 · References 3 · Affected Software 2

RedHat Linux
added 2025/01/09 2:57 p.m. · 16 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-waitress) security update

An update for python-waitress is now available for Red Hat OpenStack Platform 16.2 (Train) for Red Hat Enterprise Linux (RHEL) 8.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...

9.1 CVSS · 6.7 AI score · 0.01524 EPSS
Exploits 0 · References 3

Positive Technologies
added 2025/01/01 12:0 a.m. · 3 views

PT-2025-35250

Name of the Vulnerable Software and Affected Versions: CivetWeb versions 1.14 through 1.16 Description: A buffer overflow in the URI parser of CivetWeb may allow a remote attacker to achieve remote code execution via a crafted HTTP request. This issue is triggered during request processing and may...

7.5 CVSS · 6.7 AI score · 0.03251 EPSS
Exploits 2 · References 16

CNNVD
added 2024/12/27 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a use-after-free issue in SMB request processing in the ksmbd subsystem...

7.8 CVSS · 7 AI score · 0.00026 EPSS
Exploits 0 · References 5

Tenable Nessus
added 2024/12/05 12:0 a.m. · 9 views

RHEL 9 : OpenShift Container Platform 4.12.70 (RHSA-2024:10535)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:10535 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or priva...

9.1 CVSS · 6.7 AI score · 0.01524 EPSS
Exploits 0 · References 6

RedHat Linux
added 2024/11/26 11:24 a.m. · 4 views

waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

A flaw was found in the Waitress WSGI server for Python. A remote client can send a request that is exactly recv_bytes long (which defaults to 8192), followed by a secondary request using HTTP pipelining. When request lookahead is disabled (the default), Waitress won't read any more requests, and when th...

9.1 CVSS · 5.8 AI score · 0.00572 EPSS
Exploits 0 · References 6

OSV
added 2024/11/01 3:29 p.m. · 11 views

SUSE-SU-2024:3876-1 Security update for python-waitress

This update for python-waitress fixes the following issues:
- CVE-2024-49768: Fixed request processing race condition in HTTP pipelining with invalid first request when lookahead is enabled (bsc#1232556)
- CVE-2024-49769: Fixed incorrect connection clean up leads to a busy-loop and resource exhausti...

9.1 CVSS · 6.9 AI score · 0.01524 EPSS
Exploits 0 · References 5

BDU FSTEC
added 2024/10/31 12:0 a.m. · 0 views

The vulnerability in the web management interface of the firmware of Cisco Small Business RV042, RV042G, RV320, and RV325 routers allows a hacker to execute arbitrary code or cause service interruptions.

The vulnerability in the web management interface of the firmware of Cisco Small Business RV042, RV042G, RV320, and RV325 routers stems from operations exceeding the bounds of a memory buffer, resulting from insufficient validation of input data during HTTP packet processing...

6.8 CVSS · 6.2 AI score · 0.00283 EPSS
Exploits 0 · References 4

Cvelist
added 2024/10/29 2:32 p.m. · 18 views

CVE-2024-49768 Waitress has request processing race condition in HTTP pipelining with invalid first request

Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recv_bytes (defaults to 8192) long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled (default) we won't read any more requests, and when the...

9.1 CVSS · 0.00572 EPSS
Exploits 0 · References 2