1081 matches found
Exploit for CVE-2022-21907
CVE-2022-21907 Golang Application by 1vere$k CVE-2022-21907 -...
CVE-2022-24045
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...
GHSA-X445-MMPW-7R4F Apache Tomcat Allows Source Disclosure
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification i.e. HTTP/1.0...
Apache Tomcat Allows Source Disclosure
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification i.e. HTTP/1.0...
GHSA-7WJ2-48C4-2684 Apache Tomcat Denial of Service vulnerability in the Catalina package
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.6 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests...
Apache Tomcat Denial of Service vulnerability in the Catalina package
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.6 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests...
Slackware: Security Advisory (SSA:2017-300-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-25226
ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the serve...
The vulnerability of the Samples component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to read, modify, or delete data.
The vulnerability of the Samples component of the Oracle WebLogic Server application server is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data using the HTTP...
The vulnerability of the Reseller Locator component in the Oracle Partner Management system allows a malicious actor to gain unauthorized access to read, modify, or delete data.
The vulnerability of the Reseller Locator component in the Oracle Partner Management system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data using the HTTP...
The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
The vulnerability of the Log component in the Oracle Enterprise Session Border Controller allows a perpetrator to cause a partial service disruption.
The vulnerability of the Log component in the Oracle Enterprise Session Border Controller is related to resource release errors. Exploiting this vulnerability could allow a malicious actor to cause a partial service outage using the HTTP protocol...
Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability
Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution...
Exploit for CVE-2022-21907
CVE-2022-21907 A REAL DoS exploit for CVE-2022-21907 It supp...
CVE-2021-27422
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication...
CVE-2021-27422
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication...
Authentication flaw
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication...
CVE-2021-27422 GE UR family exposure of sensitive information to an unauthorized actor
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication...
CVE-2021-27422 GE UR family exposure of sensitive information to an unauthorized actor
GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication...