Lucene search

2483 matches found

Cvelist
added 2018/11/28 5:0 p.m. | 30 views

CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

AI score 7.5 | EPSS 0.05572
Exploits 0 | References 6
CVE
added 2018/11/28 5:0 p.m. | 378 views

CVE-2018-12121

CVE-2018-12121 affects Node.js before versions 6.15.0, 8.14.0, 10.14.0 and 11.3.0. A Denial of Service can be triggered by sending many requests with maximum-sized HTTP headers (around 80 KB per connection) and carefully timed header completion, causing the HTTP server to abort due to heap alloca...

CVSS 7.5 | AI score 7.5 | EPSS 0.05572
Exploits 0 | References 7 | Affected Software 1
Debian CVE
added 2018/11/28 5:0 p.m. | 39 views

CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

CVSS 7.5 | AI score 7.8 | EPSS 0.05572
Exploits 0
Node JS Blog
added 2018/11/28 12:0 a.m. | 48 views

November 2018 Security Releases

November 2018 Security Releases Update 27-November-2018 Security releases available Summary Updates are now available for all active Node.js release lines. These include fixes for the vulnerabilities identified in the initial announcement below. They also include upgrades of Node.js 6 and 8 to...

CVSS 8.1 | AI score 7.6 | EPSS 0.05057
Exploits 4
FreeBSD
added 2018/11/27 12:0 a.m. | 48 views

node.js -- multiple vulnerabilities

Node.js reports: Updates are now available for all active Node.js release lines. These include fixes for the vulnerabilities identified in the initial announcement. They also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j. We recommend...

CVSS 8.1 | AI score 1.2 | EPSS 0.05572
Exploits 4 | References 1
Kitploit
added 2018/11/13 12:39 p.m. | 71 views

Arjun v1.1 - HTTP Parameter Discovery Suite

Features Multi-threading 3 modes of detection Regex powered heuristic scanning Huge list of 3370 parameter names Usage Note: Arjun doesn't work with python Note: Arjun uses nano as the default editor for the prompt bu...

AI score 7.1
Exploits 0 | References 2
ICS
added 2018/11/13 12:0 a.m. | 421 views

Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal)

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Panels and SIMATIC WinCC TIA Portal Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network...

CVSS 8.8 | AI score 9 | EPSS 0.00429
Exploits 0 | References 9
Veracode
added 2018/11/12 7:38 a.m. | 24 views

CRLF Injection

Jetty Server is vulnerable to CRLF injection. A remote attacker is able to inject arbitrary HTTP headers into the server response to perform response splitting attacks via the reason string in AbstractGenerator.java...

CVSS 5 | AI score 9.3 | EPSS 0.03975
Exploits 0 | References 11 | Affected Software 1
Atlassian
added 2018/11/08 5:22 a.m. | 14 views

HTTP security headers are not present for app's servlet but are sent on regular Confluence page

h3. Summary When creating a servlet in a plugin/app, and accessing the servlet in the browser, you notice that security headers are not included: !Screenshot 2018-11-06 at 15.34.38.png|thumbnail! Unlike when accessing a Confluence Page: !Screenshot 2018-11-06 at 15.34.15.png|thumbnail! Notice the...

AI score 1.3
Exploits 0 | Affected Software 1
Tenable Nessus
added 2018/11/05 12:0 a.m. | 18 views

Drupal 8.6.x < 8.6.0-beta2 Symfony Legacy HTTP Headers Vulnerability

According to its self-reported version number, the detected Drupal application is affected by a vulnerability in Symfony library X-Original-URL and X-Rewrite-URL HTTP headers support. Note that the scanner has not tested for these issues but has instead relied only on the application's...

CVSS 6.5 | AI score 7.2 | EPSS 0.16652
Exploits 0 | References 4
Ubuntu
added 2018/10/30 7:37 p.m. | 547 views

USN-3804-1: OpenJDK vulnerabilities

It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. CVE-2018-3136 Artem Smotrakov...

CVSS 9 | AI score 7 | EPSS 0.00783
Exploits 2
Kitploit
added 2018/10/28 1:3 p.m. | 496 views

XSStrike v3.0 - Most Advanced XSS Detection Suite

Why XSStrike? Every XSS scanner out there has a list of payloads, they inject the payloads and if the payload is reflected into the webpage, it is declared vulnerable but that's just stupid. XSStrike on the other hand analyses the response with multiple parsers and then crafts payloads that are...

AI score 6.4
Exploits 0 | References 4
OpenVAS
added 2018/10/26 12:0 a.m. | 41 views

Ubuntu: Security Advisory (USN-3790-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.2 | EPSS 0.00198
Exploits 2 | References 2
Tenable Nessus
added 2018/10/23 12:0 a.m. | 45 views

Ubuntu 18.10 : Requests vulnerability (USN-3790-2)

USN-3790-1 fixed vulnerabilities in Requests. This update provides the corresponding update for Ubuntu 18.10. It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information. Note that Tenable Network Security has...

CVSS 7.5 | AI score 7 | EPSS 0.00198
Exploits 2 | References 2
Tenable Nessus
added 2018/10/16 12:0 a.m. | 39 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Requests vulnerability (USN-3790-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3790-1 advisory. It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive...

CVSS 7.5 | AI score 7 | EPSS 0.00198
Exploits 2 | References 2
OSV
added 2018/10/10 5:29 p.m. | 22 views

GHSA-FXWV-953P-7QPF Phusion Passenger allows remote attackers to spoof headers

agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an underscore character instead of a -...

CVSS 3.7 | AI score 4.1 | EPSS 0.00361
Exploits 0 | References 12
Fedora
added 2018/10/03 3:25 p.m. | 56 views

[SECURITY] Fedora 28 Update: haproxy-1.8.14-1.fc28

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

CVSS 7.5 | AI score 0.8 | EPSS 0.00225
Exploits 0
Fedora
added 2018/10/02 7:35 p.m. | 33 views

[SECURITY] Fedora 29 Update: haproxy-1.8.14-1.fc29

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

CVSS 7.5 | AI score 0.8 | EPSS 0.00225
Exploits 0
Veracode
added 2018/10/01 3:14 a.m. | 13 views

Cross-Site Scripting (XSS)

Unidata's THREDDS project is vulnerable to cross-site scripting. An attacker is able to inject arbitrary Javascript into a victim's browser via the URL or HTTP headers and steal session tokens or perform unwanted actions on behalf of the user...

AI score 6.4
Exploits 0
CNVD
added 2018/09/05 12:0 a.m. | 1 views

Philips e-Alert Information Disclosure Vulnerability (CNVD-2019-28277)

Philips e-Alert is an electronic alert solution for MRI systems from Philips in the Netherlands, which is used to monitor and alert on MRI system performance. An information disclosure vulnerability exists in Philips e-Alert R2.1 and prior versions. The vulnerability can be exploited to obtain...

CVSS 5.3 | AI score 5.6 | EPSS 0.00362
Exploits 0 | References 1