Polymorph - A Real-Time Network Packet Manipulation Framework With Support For Almost All Existing Protocols

Polymorph is a framework written in Python 3 that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of network packets that implemen...

The vulnerability of the JSF server component in WebLogic Server allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the WebLogic Server application server’s JSF component is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data or cause service failures using the HTTP protocol...

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

The vulnerability of the Print Server component in the business application for managing and distributing information to customers, known as One-to-One Fulfillment, allows a malicious actor to gain unauthorized access to protected data.

The vulnerability of the Print Server component in the business application for managing and distributing information to customers, known as One-to-One Fulfillment, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to ga...

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or...

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a malicious actor to gain unauthorized access to protected data

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

The vulnerability of Oracle Marketing’s User Interface component allows a hacker to gain unauthorized access to protected data.

The vulnerability of Oracle Marketing’s User Interface component is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

The vulnerability of the User Interface component of the Trade Management business platform allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the User Interface component of the Trade Management business platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

RHEL 7 : xmlrpc (RHSA-2018:2317)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2317 advisory. XML-RPC is a way to make remote procedure calls over the Internet. It converts procedure calls into XML documents, sends them to a remote server usin...

UBUNTU-CVE-2018-14369

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression...

Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM Storwize V7000 Unified (CVE-2007-6750)

Summary A fix is available for IBM Storwize V7000 Unified, for the security issue of Denial of service for accessing data using HTTP protocol. Vulnerability Details CVEID: CVE-2007-6750 DESCRIPTION: IBM Storwize V7000 Unified supports data access using HTTP protocol. Apache HTTP Server is...

Security Bulletin: Denial of service for accessing data using HTTP protocol on IBM SONAS (CVE-2007-6750)

Summary A fix is available for IBM SONAS, for the security issue of Denial of service for accessing data using HTTP protocol. Vulnerability Details CVEID: CVE-2007-6750 DESCRIPTION: SONAS supports data access using HTTP protocol. Apache HTTP Server is vulnerable to a denial of service. By sending...

prebuild-lwip Remote Code Execution Vulnerability

prebuild-lwip is a lightweight image processor based on NodeJS. A security vulnerability exists in prebuild-lwip that originates when the program downloads binary resources over the HTTP protocol. An attacker can use this vulnerability to modify or read the downloaded resources and potentially...

js-given code execution vulnerability

js-given is a developer-oriented , BDD for JavaScript Behavior Driven Development, Behavior Driven Development tools . A security vulnerability exists in js-given that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability ...

CVE-2018-8231

A remote code execution vulnerability exists when HTTP Protocol Stack Http.sys improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

Remote code execution

A remote code execution vulnerability exists when HTTP Protocol Stack Http.sys improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

CVE-2018-8231

CVE-2018-8231 is a remote code execution vulnerability in Microsoft Windows HTTP.sys. The flaw occurs when Http.sys improperly handles objects in memory, allowing an attacker to gain control of the affected system by sending specially crafted requests. Affected products include Windows Server 201...

CVE-2018-8231

A remote code execution vulnerability exists when HTTP Protocol Stack Http.sys improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

UBUNTU-CVE-2018-7161

All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service DoS by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug wher...