14 matches found
CVE-2026-34124 Denial of Service via Path Expansion Overflow in HTTP Service in TP-Link Tapo C520WS
A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent...
CVE-2026-34119
CVE-2026-34119 — TP-Link Tapo C520WS (v2.6) shows a heap-based buffer overflow in the HTTP parsing loop when appending segmented request bodies, due to insufficient boundary validation for externally supplied HTTP input. The issue can allow heap memory corruption on the device when an attacker on...
TP-Link Tapo C520WS 安全漏洞
The TP-Link Tapo C520WS is a WiFi camera produced by TP-Link Corporation. The TP-Link Tapo C520WS v2.6 version has a security vulnerability. This vulnerability stems from inconsistencies in the JSON request parsing and authorization logic during the authentication check in the DS configuration...
RHEL 8 : git-lfs (RHSA-2026:3973)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3973 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...
OPENSUSE-SU-2026:20283-1 Security update for libsoup2
This update for libsoup2 fixes the following issues: - CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer overflow bsc1257598...
PT-2026-21592
Name of the Vulnerable Software and Affected Versions free5gc UDM versions up to and including 1.4.1 Description free5gc UDM provides Unified Data Management for free5GC, an open-source 5G mobile core network project. Remote attackers can inject control characters, such as %00, into the supi...
PT-2025-68: Stack-based buffer overflow during HTTP boundary-content parsing in LCD KVM over IP switch CL5708IM
The vulnerability was identified in LCD KVM over IP switch CL5708IM firmware version v2.2.215. The discovered vulnerability allows an attacker to achieve remote code execution or a denial‑of‑service condition. It is triggered by a stack‑based buffer overflow when parsing multipart boundary tags,...
The vulnerability of the LibHTP library, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the LibHTP library is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
python-twisted: possible http request smuggling
A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTT...
python-twisted: possible http request smuggling
A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTT...
OpenText Brava! 缓冲区错误漏洞
OpenText Brava! Desktop is a Windows-based viewing and collaboration tool that lets you easily view and collaborate on almost any file. An out-of-bounds write vulnerability exists in the parsing of DWF files in OpenText Brava! Desktop. The vulnerability stems from a lack of proper validation of...
jetty: HTTP request smuggling
In Eclipse Jetty, versions 9.2.x and older, 9.3.x all configurations, and 9.4.x non-default configuration with RFC2616 compliance enabled, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a...
CVE-2018-17846
The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification...
UBUNTU-CVE-2016-5292
During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox 50...