Lucene search
K

29 matches found

FreeBSD
FreeBSD
added 2018/06/27 12:0 a.m.38 views

www/py-requests -- Information disclosure vulnerability

The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network...

7.5CVSS3AI score0.07443EPSS
Exploits2References5
Cvelist
Cvelist
added 2014/09/29 10:0 p.m.20 views

CVE-2013-3092

The Belkin N300 F7D7301v1 router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header...

7.1AI score0.02247EPSS
Exploits1References2
CVE
CVE
added 2014/09/29 10:0 p.m.42 views

CVE-2013-3092

The vulnerability CVE-2013-3092 affects the Belkin N300 (F7D7301v1) router. The issue arises from incorrect validation of the HTTP Authorization header, enabling remote attackers to bypass authentication and escalate privileges. The impact is authentication bypass with full or elevated access, as...

8.3CVSS7.3AI score0.02247EPSS
Exploits1References2Affected Software2
Apache Httpd
Apache Httpd
added 2009/09/03 12:0 a.m.61 views

Apache Httpd < 2.2.14 : mod_proxy_ftp FTP command injection

A flaw was found in the modproxyftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server...

5CVSS4.9AI score0.1256EPSS
Exploits2Affected Software1
NVD
NVD
added 2005/05/02 4:0 a.m.19 views

CVE-2005-1348

Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header...

7.5CVSS7.7AI score0.72622EPSS
Exploits6References4
securityvulns
securityvulns
added 2004/07/23 12:0 a.m.30 views

Conceptronic CADSLR1 buffer overflow

Buffer overflow on oversized HTTP Authorization: header...

2.9AI score
Exploits0References1
CVE
CVE
added 2002/06/11 4:0 a.m.58 views

CVE-2002-0566

CVE-2002-0566 affects Oracle 9i Application Server (iAS) with the PL/SQL module 3.0.9.8.2. The vulnerability allows an unauthenticated remote attacker to crash the Apache-based PL/SQL service by sending a malformed HTTP Authorization header (no auth type). Impact is denial of service (partial ava...

5CVSS8.8AI score0.03575EPSS
Exploits0References5Affected Software4
CERT
CERT
added 2002/02/28 12:0 a.m.35 views

Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Authorization header

Overview A buffer overflow vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS. An HTTP Authorization header with a crafted password parameter could allow an unauthenticated remote attacker to cause a denial of...

7.5CVSS10AI score0.13139EPSS
Exploits0References8
CERT
CERT
added 2002/02/25 12:0 a.m.38 views

Oracle9i Application Server Apache PL/SQL module does not properly handle HTTP Authorization header

Overview A vulnerability exists in the way the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS handles HTTP Authorization headers. This vulnerability could allow an unauthenticated remote attacker to crash the Apache service. Description...

5CVSS9.1AI score0.03575EPSS
Exploits0References8
Rows per page
Query Builder