CVE-2021-27422

GE UR firmware 8.1x or later mitigates a vulnerability (CVE-2021-27422) where the web server interface, exposed over HTTP, can disclose sensitive information without authentication. Affected: GE UR family relays with prior-to-8.1x web server. Root cause: HTTP web server exposure allowing unauthen...

Metasploit Weekly Wrap-Up

CVE-2022-21999 - SpoolFool Our very own Shelby Pace has added a new module for the CVE-2022-21999 SpoolFool privilege escalation vulnerability. This escalation vulnerability can be leveraged to achieve code execution as SYSTEM. This new module has successfully been tested on Windows 10 10.0 Build...

Windows IIS HTTP Protocol Stack DOS

This module exploits CVE-2021-31166, a UAF bug in http.sys when parsing specially crafted Accept-Encoding headers that was patched by Microsoft in May 2021, on vulnerable IIS servers. Successful exploitation will result in the target computer BSOD'ing before subsequently rebooting. Note that the...

Luna Simo 安全漏洞

Luna Simo is a smartphone from the Korean company Luna. A security vulnerability exists in Luna Simo PPR1.180610.011/202001031830. The vulnerability stems from the fact that it uses HTTP to send the following personally identifiable information PII in clear text to a server in China...

Information Disclosure

cobbler is vulnerable to information disclosure. The vulnerability exists due to the cleartext transmission of data through the insecure HTTP protocol, allowing an attacker to gain sensitive information...

CVE-2021-45081

An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS...

CVE-2021-45081

An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS...

Design/Logic Flaw

An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS...

CVE-2021-45081

An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS...

in medialize/uri.js

Description Bypass for https://huntr.dev/bounties/1625558772840-medialize/URI.js/ urijs fixed the issue for CVE-2021-3647, however an attacker can still exploit the issue due to case-sensitive checks in the earlier patch. Attacker can use case-insensitive protocol schemes like HTTP, htTP, HTtp et...

netty: control chars in header names may lead to HTTP request smuggling

A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling...

CVE-2022-0536

A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle...

Microsoft HTTP.sys Remote Code Execution Vulnerability

Microsoft HTTP protocol stack HTTP.sys contains a vulnerability that allows for remote code execution...

CVE-2021-45735

TOTOLINK X5000R v9.1.0u.6118B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software...

Design/Logic Flaw

TOTOLINK X5000R v9.1.0u.6118B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software...

CVE-2021-45735

TOTOLINK X5000R v9.1.0u.6118B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software...

varnish: HTTP/1 request smuggling vulnerability

A flaw was found in Varnish. This flaw allows an attacker to carry out a request smuggling attack on HTTP/1 connections on Varnish cache servers. This smuggled request goes through the usual Varnish Configuration Language VCL processing since the Varnish server treats it as an additional request...

UBUNTU-CVE-2021-43848

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

CVE-2022-23018

On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel TMM...

Design/Logic Flaw

On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel TMM...