Cesanta Mongoose 安全漏洞

Cesanta Mongoose is a set of embedded server libraries from the Irish company Cesanta, which includes features such as TCP, HTTP client and server, and WenSocket client and server. A security vulnerability exists in Cesanta Mongoose version 6.18, which stems from a buffer overflow in...

SUSE CVE-2018-10583

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt...

Embedthis Software GoAhead 安全漏洞

Embedthis Software GoAhead is an embedded Web server from Embedthis Software. A security vulnerability exists in Embedthis Software GoAhead, which stems from the fact that the code that performs password matching during "basic" HTTP authentication does not use the constant time memcmp and is not...

The vulnerability of the webSetHostTable function in the embedded web server software is related to buffer overflows in the stack due to insufficient input data processing. This allows attackers to execute arbitrary code or cause service interruptions by exploiting this vulnerability.

The vulnerability of the webSetHostTable function in the embedded web server software is related to buffer overflows in the stack due to insufficient input data processing. Exploiting this vulnerability can allow an attacker to enhance their privileges, execute arbitrary code, or cause service...

Embedthis Software GoAhead Resource Management Error Vulnerability

Embedthis Software GoAhead is an embedded Web server from Embedthis Software, USA. Embedthis Software GoAhead suffers from a resource management error vulnerability. An attacker can exploit this vulnerability to corrupt the heap structure and execute code...

Cesanta Mongoose Input Validation Error Vulnerability

Cesanta Mongoose is a set of embedded server libraries from the Irish company Cesanta, which includes features such as TCP, HTTP client and server, WenSocket client and server. An input validation error vulnerability exists in Cesanta Mongoose. The vulnerability stems from a network system or...

GoAhead Web server HTTP header injection vulnerability

GoAhead WebServer is an open source embedded WEB server program that supports Active Server Pages, embedded Javascript, SSL authentication and encryption. An HTTP header injection vulnerability exists in GoAhead Web server. It allows an attacker to spoof a specific host header, which allows the...

The vulnerability of the dot1xRadiusServerSetting function in the embedded web server of the Moxa EDS-G516E and Moxa EDS-510E microcontroller software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the dot1xRadiusServerSetting function in the embedded web server of the Moxa EDS-G516E and Moxa EDS-510E microcontroller software systems is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a...

Cesanta Mongoose Embedded Web Server Library Resource Management Error Vulnerability (CNVD-2019-22655)

Cesanta Mongoose Embedded Web Server Library is a cross-platform embedded server and web library written in C. It is designed to be used with a wide range of applications, including... A resource management error vulnerability exists in the 'mgcgievhandler' function of the mongoose.c file in...

Cesanta Mongoose Embedded Web Server Library Resource Management Error Vulnerability (CNVD-2019-22662)

Cesanta Mongoose Embedded Web Server Library is a cross-platform embedded server and web library written in C. It is designed to be used with a wide range of applications, including... A resource management error vulnerability exists in the 'mghttpgetprotodata' function of the mongoose.c file in...

SUSE-SU-2018:1781-1 Security update for mariadb

MariaDB was updated to 10.0.35 bsc1090518 Notable changes: PCRE updated to 8.42 XtraDB updated to 5.6.39-83.1 TokuDB updated to 5.6.39-83.1 InnoDB updated to 5.6.40 The embedded server library now supports SSL when connecting to remote servers bsc1088681, CVE-2018-2767 MDEV-15249 - Crash in MVCC...

SUSE-SU-2018:1382-1 Security update for mariadb

MariaDB was updated to 10.0.35 bsc1090518 Notable changes: PCRE updated to 8.42 XtraDB updated to 5.6.39-83.1 TokuDB updated to 5.6.39-83.1 InnoDB updated to 5.6.40 The embedded server library now supports SSL when connecting to remote servers bsc1088681, CVE-2018-2767 MDEV-15249 - Crash in MVCC...

TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting

TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting --------------------------------------------------------------------- 1. About --------------------------------------------------------------------- Exploit Title: TwonkyMedia Server 7.0.11-8.5 Persistent XSS Date: 2018-03-27 Exploit...

Debut embedded http server denial of service vulnerability

Debut embedded http server is an embedded HTTP server. A security vulnerability exists in Debut embedded http server version 1.20. A remote attacker can exploit this vulnerability by sending a malformed HTTP request to cause a denial of service server hang...

CVE-2017-16249

The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying 300 seconds with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web...

Cesanta Mongoose MQTT Remote Code Execution Vulnerability

Cesanta Mongoose is a suite of embedded servers from Cesanta, Ireland. A remote code execution vulnerability exists in the MQTT packet parsing feature in Cesanta Mongoose version 6.8. An attacker can exploit this vulnerability by sending specially crafted MQTT packets to obtain information, cause...

Debut Embedded Server DoS Vulnerability

Debut embedded httpd server is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

MariaDB 10.1.0 < 10.1.14 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.1.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.14 advisory. - Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before...

Unspecified Vulnerability in Sun GlassFish Enterprise Server Embedded Server Component (CNVD-2016-00684)

Oracle GlassFish Enterprise Server is an open source and open community platform for building and deploying next-generation applications and services. An unspecified security vulnerability exists in the Oracle GlassFish Enterprise Server Embedded Server component that could be exploited by remote...

CVE-2016-0453

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server...