Lucene search
K

6 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-14324

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago2 views

CVE-2026-14324

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-41006

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References2
CVE
CVE
added 2026/04/09 2:43 p.m.17 views

CVE-2026-5440

CVE-2026-5440 describes a memory exhaustion vulnerability in an HTTP server caused by unbounded handling of the Content-Length header. The server allocates memory directly based on the attacker-supplied Content-Length value, without an upper limit, so a crafted request with a very large Content-L...

7.5CVSS5.9AI score0.00566EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/25 11:7 p.m.16 views

CVE-2026-27633

CVE-2026-27633 affects TinyWeb on Windows (Delphi; pre-2.02). Unauthenticated remote attackers can trigger a DoS by sending an HTTP POST with an extremely large Content-Length; TinyWeb allocates memory for the request body streaming it without a cap, exhausting all available memory and crashing. ...

8.7CVSS5.7AI score0.00436EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/25 11:7 p.m.29 views

CVE-2026-27633 TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS)

TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service DoS vulnerability via memory exhaustion. Unauthenticated remote attackers can send an HTTP POST request to the server with an exceptionally large Content-Length header e.g.,...

8.7CVSS0.00436EPSS
Exploits0References3
Rows per page
Query Builder