Lucene search
K

10 matches found

OSV
OSV
added 2026/05/07 7:22 a.m.5 views

SUSE-SU-2026:1745-1 Security update for rmt-server

This update for rmt-server fixes the following issues: Update to version 2.27. Security issues fixed: - CVE-2026-26961: rack: greedy multipart boundary parsing can lead to parser differentials and WAF bypass bsc1261398. - CVE-2026-26962: rack: improper unfolding of folded multipart headers can le...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References21
CVE
CVE
added 2026/04/06 8:8 p.m.113 views

CVE-2026-35213

CVE-2026-35213 affects the @hapi/content package: three regexes used to parse Content-Type and Content-Disposition headers enable Regular Expression Denial of Service (ReDoS) via crafted header values. All versions up to 6.0.0 are vulnerable; remediation is to upgrade to 6.0.1 where the issue is ...

8.7CVSS5.9AI score0.00413EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/04 5:49 p.m.13 views

CVE-2026-20067

Cisco reports CVE-2026-20067 affects multiple products running the Snort 3 detection engine. The root cause is incomplete error checking when parsing Multicast DNS fields of the HTTP header, exploitable by an unauthenticated, remote attacker sending crafted HTTP packets over the network. Successf...

5.8CVSS6AI score0.00475EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27776

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.00367EPSS
Exploits0References1
OSV
OSV
added 2024/03/20 5:15 a.m.5 views

CVE-2024-22081

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism...

9.8CVSS5.8AI score0.00785EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/06/23 4:43 a.m.6 views

golang: net/http, net/textproto: denial of service from excessive memory allocation

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service...

7.5CVSS6.7AI score0.01888EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/25 8:10 a.m.3 views

golang: net/http, net/textproto: denial of service from excessive memory allocation

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service...

7.5CVSS6.7AI score0.01888EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.11 views

PT-2023-9030 · Unknown +10 · Net/Textproto +10

Name of the Vulnerable Software and Affected Versions: net/textproto versions affected versions not specified Description: The issue is related to HTTP and MIME header parsing, which can allocate large amounts of memory even when parsing small inputs, potentially leading to a denial of service...

9.8CVSS7.1AI score0.99999EPSS
Exploits33References384
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.3 views

The vulnerability of the syntax analysis function for HTTP headers of TP-Link TL-R600VPN software routers allows a hacker to execute arbitrary code.

The vulnerability of the syntax analysis function for HTTP headers of TP-Link TL-R600VPN software lies in the fact that the operation is performed outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted HTTP...

9CVSS7.9AI score0.03928EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2006/08/26 9:4 p.m.1 views

DEBIAN-CVE-2006-3124

Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers...

7.5CVSS8.1AI score0.18678EPSS
Exploits0References1
Rows per page
Query Builder