Mozilla: Miscellaneous memory safety hazards (rv:45.3) (MFSA 2016-62)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to Http2Session::Shutdown a...

Apache HTTP Server Denial of Service Vulnerability (CNVD-2016-04612)

Apache HTTP Server is an open source web server from the Apache Software Foundation. Apache HTTP Server versions 2.4.17 and 2.4.18, with modhttp2 enabled, do not limit the number of simultaneous stream jobs for a single HTTP/2 connection. By modifying the stream control window, a remote attacker...

The vulnerability of the Firefox browser, which allows a remote attacker to bypass certificate verification

The vulnerability of the Firefox browser in handling alternative HTTP services allows a malicious actor to bypass the X.509 certificate verification for SSL servers by modifying the server address in the uri-host header of the HTTP/2 response...

CVE-2016-0150

HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...

PT-2016-2318

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.17 through 2.4.18 Description The issue is related to resource management errors in the Apache HTTP Server. It allows a remote attacker to cause a denial of service by modifying flow-control windows, leading to ...

DEBIAN-CVE-2016-2525

epan/dissectors/packet-http2.c in the HTTP/2 dissector in Wireshark 2.0.x before 2.0.2 does not limit the amount of header data, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted packet...

Mozilla Firefox Denial of Service Vulnerability (CNVD-2015-08319)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the HTTP/2 implementation of Mozilla Firefox prior to version 43.0. A remote attacker can exploit this vulnerability to cause a denial of service integer...

Mozilla Firefox Denial of Service Vulnerability (CNVD-2015-08320)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the HTTP/2 implementation of Mozilla Firefox 43.0 and earlier. A remote attacker can exploit this vulnerability to cause a denial of service integer overflow,...

Mozilla Firefox Man-in-the-Middle Attack Vulnerability

Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. A security vulnerability in the Mozilla Firefox HTTP Alternative Services feature allows attackers to bypass SSL services and conduct man-in-the-middle attacks by specifying a...