Lucene search
K

39 matches found

NVD
NVD
added last week9 views

CVE-2026-58470

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added last week39 views

CVE-2026-58470 GNU Wget 1.25.0 Integer Overflow via Content-Range Header Parsing

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS0.00247EPSS
Exploits0References2
EUVD
EUVD
added last week5 views

EUVD-2026-42082

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS6.1AI score0.00247EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.6 views

PT-2026-56239

Name of the Vulnerable Software and Affected Versions GNU Wget versions prior to 1.25.0 commit 43d3ba9 Description An integer overflow occurs in the parse content range function within src/http.c. This issue allows server-controlled values to cause signed integer arithmetic to overflow. An attack...

7.1CVSS6.2AI score0.00247EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/26 10:0 p.m.17 views

EUVD-2026-31694

Hackney has unbounded buffer accumulation in WebSocket...

8.7CVSS5.9AI score0.00825EPSS
Exploits1References5
Microsoft CVE
Microsoft CVE
added 2026/06/17 8:2 a.m.14 views

gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

...

8.7CVSS5.8AI score0.00381EPSS
Exploits0
NVD
NVD
added 2026/06/11 9:16 a.m.15 views

CVE-2026-53901

Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add handler attempted to remove an attacker-supplied id from $params before normalizing the request through massageInput. Because the normalized $input could still contain an id field, a user...

8.7CVSS0.00312EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 7:31 a.m.10 views

EUVD-2026-36216

Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add handler attempted to remove an attacker-supplied id from $params before normalizing the request through massageInput. Because the normalized $input could still contain an id field, a user...

8.7CVSS5.5AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.23 views

PT-2026-48632

Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add handler attempted to remove an attacker-supplied id from $params before normalizing the request through massageInput. Because the normalized $input could still contain an id field, a user...

8.7CVSS5.5AI score0.00312EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/08 2:12 p.m.10 views

CVE-2026-43973 gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

Uncontrolled Resource Consumption vulnerability in ninenines gun gunhttp module allows a malicious server to exhaust client memory via unbounded HTTP/1.1 response buffering. In gunhttp:handle/5, three clauses accumulate incoming TCP data into the connection's buffer field using binary concatenati...

8.7CVSS5.8AI score0.00381EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 2:12 p.m.12 views

EEF-CVE-2026-43973 gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

Summary Uncontrolled Resource Consumption vulnerability in ninenines gun gun\http module allows a malicious server to exhaust client memory via unbounded HTTP/1.1 response buffering. In gun\http:handle/5, three clauses accumulate incoming TCP data into the connection's buffer field using binary...

8.7CVSS6.2AI score0.00381EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 1:29 p.m.9 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

9.8CVSS5.9AI score0.00453EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.22 views

SUSE CVE-2026-31694

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...

7.8CVSS5.8AI score0.00127EPSS
Exploits1References118
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.11 views

PT-2026-36170

Name of the Vulnerable Software and Affected Versions Secure Access client for MacOS versions prior to 14.50 Description A format string issue exists in the logging subsystem. Attackers controlling a modified server can force the client to dump small portions of memory into log files, which may...

4.8CVSS5.8AI score0.001EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/28 6:49 a.m.12 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

9.8CVSS5.6AI score0.00453EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/27 5:38 a.m.11 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

9.8CVSS5.6AI score0.00453EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/23 7:18 a.m.8 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

9.8CVSS5.9AI score0.00453EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/22 7:54 a.m.16 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

9.8CVSS5.9AI score0.00453EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-010673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010673 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is...

9.8CVSS6AI score0.00453EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/04/08 5:18 a.m.6 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

9.8CVSS6.1AI score0.00453EPSS
Exploits1References6
Rows per page
Query Builder