112 matches found
CVE-2018-7582
WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service daemon crash via a long HTTP Accept Header to TCP port 9991...
WebLog Expert Web Server Enterprise 9.4 Denial Of Service Exploit
Exploit for windows platform in category dos / poc + Credits: John Page aka hyp3rlinx Vendor: ======= www.weblogexpert.com Product: ========= WebLog Expert Web Server Enterprise v9.4 WebLog Expert is a fast and powerful access log analyzer. It will give you information about your site's visitors:...
DEBIAN-CVE-2018-7284
A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the respjsippubsub module stores the accepted formats present in the Accept headers of the request. Th...
Akka HTTP Accept Header Denial of Service Vulnerability
Akka HTTP is an HTTP application. A security vulnerability in Akka HTTP's handling of the ACCEPT header allows remote attackers to exploit the vulnerability to submit specially crafted requests that can crash the application...
openSUSE Security Update : Mozilla Firefox and NSS (openSUSE-2017-1114)
This update to Mozilla Firefox 52.4esr, along with Mozilla NSS 3.28.6, fixes security issues and bugs. The following vulnerabilities advised upstream under MFSA 2017-22 boo1060445 were fixed : - CVE-2017-7793: Use-after-free with Fetch API - CVE-2017-7818: Use-after-free during ARIA array...
Security update for Mozilla Firefox and NSS (important)
This update to Mozilla Firefox 52.4esr, along with Mozilla NSS 3.28.6, fixes security issues and bugs. The following vulnerabilities advised upstream under MFSA 2017-22 boo1060445 were fixed: - CVE-2017-7793: Use-after-free with Fetch API - CVE-2017-7818: Use-after-free during ARIA array...
CVE-2016-0751
actionpack/lib/actiondispatch/http/mimetype.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service...
CVE-2016-0751
actionpack/lib/actiondispatch/http/mimetype.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service...
UBUNTU-CVE-2016-0751
actionpack/lib/actiondispatch/http/mimetype.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service...
CVE-2013-1946
The CVE-2013-1946 entry affects Drupal’s RESTful Web Services (RESTWS) module for Drupal 7.x-1.x up to 7.x-1.3 and 7.x-2.x up to 7.x-2.0-alpha5. When page caching is enabled and anonymous users have RESTWS permissions, a GET request with an HTTP Accept header set to a non-HTML type can cause a de...
Moderate: Red Hat Security Advisory: rhevm security and bug fix update
Updated rhevm packages that fix one security issue and various bugs are now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the...
Netscape Enterprise Server Accept Header Remote Overflow
The remote web server seems to crash when it is issued a too long argument to the 'Accept:' command : Example : GET / HTTP/1.0 Accept: /gif This may allow an attacker to execute arbitrary code on the remote system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10154...