
2442 matches found

Cvelist
added 2012/02/03 8:0 p.m. | 26 views

CVE-2011-4512

CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows...

AI score: 6.7 | EPSS: 0.01752
Exploits: 0 | References: 2

CVE
added 2012/02/03 8:0 p.m. | 54 views

CVE-2011-4512

CVE-2011-4512 is a CRLF/header-injection vulnerability in the Siemens SIMATIC WinCC/HMI web server. Affected products include WinCC flexible 2004/2005/2007/2008 before SP3; WinCC V11 (TIA Portal) before SP2 Update 1; multiple SIMATIC HMI panels (TP/OP/MP/Comfort/Mobile); WinCC V11 Runtime Advance...

CVSS: 5 | AI score: 6.9 | EPSS: 0.01752
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2012/01/13 4:14 a.m. | 18 views

CVE-2012-0310

CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.01512
Exploits: 0 | References: 8

Cvelist
added 2012/01/13 2:0 a.m. | 22 views

CVE-2012-0310

CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

AI score: 6.8 | EPSS: 0.01512
Exploits: 0 | References: 8

CVE
added 2012/01/13 2:0 a.m. | 49 views

CVE-2012-0310

CVE-2012-0310 is a CRLF/header injection vulnerability in Cogent DataHub (7.1.2 and earlier), Cascade DataHub (6.4.20 and earlier), and OPC DataHub (6.4.20 and earlier). The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors....

CVSS: 5.8 | AI score: 7 | EPSS: 0.01512
Exploits: 0 | References: 8 | Affected Software: 3

Japan Vulnerability Notes
added 2012/01/11 12:0 a.m. | 31 views

JVN#63249231: Cogent DataHub vulnerable to HTTP header injection

Cogent DataHub provided by Cogent Real-Time Systems Inc. contains an HTTP header injection vulnerability, also known as a CRLF (carriage return line feed) injection vulnerability. Impact: If a remote attacker sends a crafted HTTP header to a vulnerable system, forged information may be displayed on th...

CVSS: 5.8 | AI score: 6.4 | EPSS: 0.01512
Exploits: 0

Check Point Advisories
added 2011/12/27 12:0 a.m. | 1 views

Mozilla Multiple Products Multiple Location Headers HTTP Response Splitting (CVE-2011-3000)

An HTTP response splitting vulnerability has been reported in Mozilla Firefox, Thunderbird and SeaMonkey. The vulnerability is due to an error in the way the applications handle HTTP responses with multiple location headers. A remote attacker may exploit this vulnerability by enticing users to op...

CVSS: 4.3 | AI score: 8.9 | EPSS: 0.02018
Exploits: 0

NVD
added 2011/12/22 3:29 p.m. | 18 views

CVE-2011-4203

CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable...

CVSS: 5 | AI score: 6.8 | EPSS: 0.01104
Exploits: 1 | References: 2

UbuntuCve
added 2011/12/22 3:29 p.m. | 35 views

CVE-2011-4203

CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable...

CVSS: 5 | AI score: 6 | EPSS: 0.01104
Exploits: 1 | References: 1

Cvelist
added 2011/12/22 3:0 p.m. | 24 views

CVE-2011-4203

CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable...

AI score: 6.7 | EPSS: 0.01104
Exploits: 1 | References: 2

CVE
added 2011/12/22 3:0 p.m. | 42 views

CVE-2011-4203

The CVE-2011-4203 issue affects Moodle’s Calendar component, specifically calendar/set.php. The root cause is a CRLF injection via the url parameter, allowing remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting. Affected versions are Moodle 1.9.x before 1.9.15, 2...

CVSS: 5 | AI score: 6.9 | EPSS: 0.01104
Exploits: 1 | References: 2 | Affected Software: 1

OpenVAS
added 2011/12/12 12:0 a.m. | 30 views

CentOS Update for perl CESA-2011:1797 centos4 i386

Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.13526
Exploits: 0 | References: 2

OpenVAS
added 2011/12/12 12:0 a.m. | 34 views

CentOS Update for perl CESA-2011:1797 centos5 i386

Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.13526
Exploits: 0 | References: 2

Cent OS
added 2011/12/09 8:14 a.m. | 96 views

perl security update

CentOS Errata and Security Advisory CESA-2011:1797 Updated perl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.13526
Exploits: 0 | References: 7

OpenVAS
added 2011/12/09 12:0 a.m. | 28 views

RedHat Update for perl RHSA-2011:1797-01

Check for the Version of perl OpenVAS Vulnerability Test RedHat Update for perl RHSA-2011:1797-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CVSS: 7.5 | EPSS: 0.13526
Exploits: 0 | References: 2

OpenVAS
added 2011/12/09 12:0 a.m. | 22 views

RedHat Update for perl RHSA-2011:1797-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.13526
Exploits: 0 | References: 2

RedHat Linux
added 2011/12/08 6:56 p.m. | 42 views

Moderate: Red Hat Security Advisory: perl security update

Updated perl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.13526
Exploits: 0 | References: 3

Prion
added 2011/12/02 11:55 a.m. | 12 views

Crlf injection

CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter...

CVSS: 5 | AI score: 7.5 | EPSS: 0.0377
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2011/12/02 11:0 a.m. | 25 views

CVE-2011-4545

CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter...

AI score: 7 | EPSS: 0.0377
Exploits: 1 | References: 2

CVE
added 2011/12/02 11:0 a.m. | 44 views

CVE-2011-4545

The CVE refers to a CRLF injection in Prestashop 1.4.4.1, specifically in admin/displayImage.php, exploitable via the name parameter to inject arbitrary HTTP headers and conduct HTTP response splitting. The NVD entry lists a base score of 5.0 (Medium) with network attack vector, low complexity, n...

CVSS: 5 | AI score: 7.2 | EPSS: 0.0377
Exploits: 1 | References: 2 | Affected Software: 1