379 matches found
Tenda AC21 缓冲区错误漏洞
The Tenda AC21 is a wireless router from China-based Tenda. A security vulnerability exists in firmware version 16.03.08.15 of the Tenda AC21 V. The vulnerability stems from a buffer overflow in the formSetVirtualSer function of its /bin/httpd component...
CVE-2022-38831
Tenda RX9Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList...
CVE-2022-36585
In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf...
Ubuntu: Security Advisory (USN-5520-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : perl-HTTP-Daemon (SUSE-SU-2022:2872-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2872-1 advisory. - HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially ...
SUSE: Security Advisory (SUSE-SU-2022:2874-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for perl-HTTP-Daemon (SUSE-SU-2022:2874-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:2872-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : perl-HTTP-Daemon (SUSE-SU-2022:2874-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2874-1 advisory. - HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability whi...
SUSE-SU-2022:2874-1 Security update for perl-HTTP-Daemon
This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon bsc1201157...
SUSE-SU-2022:2872-1 Security update for perl-HTTP-Daemon
This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon bsc1201157...
PT-2022-19151 · Unknown +1 · Freshtomato +1
Name of the Vulnerable Software and Affected Versions: FreshTomato version 2022.1 Description: A memory corruption issue exists in the httpd unescape functionality. This can be triggered by a specially-crafted HTTP request, leading to memory corruption. An attacker can exploit this by sending a...
PT-2022-19150 · Unknown +1 · Freshtomato +1
Name of the Vulnerable Software and Affected Versions: FreshTomato version 2022.1 Description: A memory corruption issue exists in the httpd unescape functionality. This can be triggered by a specially-crafted HTTP request, leading to memory corruption. An attacker can exploit this by sending a...
USN-5520-2: HTTP-Daemon vulnerability
USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to...
Ubuntu 16.04 ESM : HTTP-Daemon vulnerability (USN-5520-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5520-2 advisory. USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted th...
USN-5520-1: HTTP-Daemon vulnerability
It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : HTTP-Daemon vulnerability (USN-5520-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5520-1 advisory. It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perfor...
CVE-2022-31081
HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...
The vulnerability of the httpd module in the microprogramming software of the Tenda AC18 router allows a hacker to cause a service failure.
The vulnerability of the httpd microprogramming system in the Tenda AC18 router is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by making a request to the /goform/WifiExtraSet endpoint...
The vulnerability of the httpd module of the microprogramming system used in Tenda AC18 routers allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the httpd microprogramming system in the Tenda AC18 router lies in the writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...