Lucene search
K

16601 matches found

Vulnrichment
Vulnrichment
added 2024/07/08 9:21 p.m.13 views

CVE-2024-3653 Undertow: learningpushhandler can lead to remote memory dos attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

5.3CVSS6.6AI score0.01866EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/07/08 9:21 p.m.62 views

CVE-2024-3653 Undertow: learningpushhandler can lead to remote memory dos attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

5.3CVSS0.01866EPSS
Exploits0References8
CVE
CVE
added 2024/07/08 9:21 p.m.117 views

CVE-2024-3653

CVE-2024-3653 affects Undertow. The vulnerability arises when learning-push handler is enabled in server config (disabled by default); if maxAge is left at its default -1, the handler becomes vulnerable. An attacker with network access can reach the server with a normal HTTP request to exploit th...

5.3CVSS5.2AI score0.01866EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2024/07/08 9:21 p.m.11 views

CVE-2024-3653

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

5.3CVSS6.3AI score0.01866EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/07/08 9:20 p.m.27 views

CVE-2024-3653

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

5.3CVSS6.7AI score0.01866EPSS
Exploits0References3
NVD
NVD
added 2024/07/08 4:15 p.m.29 views

CVE-2023-47677

A cross-site request forgery csrf vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability...

8.8CVSS0.00365EPSS
Exploits1References2
NVD
NVD
added 2024/07/08 4:15 p.m.22 views

CVE-2023-41251

A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

7.2CVSS0.01283EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/08 3:25 p.m.21 views

CVE-2023-47677

A cross-site request forgery csrf vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability...

8.8CVSS0.00365EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/08 3:25 p.m.13 views

CVE-2023-47677

A cross-site request forgery csrf vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability...

8.8CVSS6.8AI score0.00365EPSS
Exploits1References1
CVE
CVE
added 2024/07/08 3:25 p.m.44 views

CVE-2023-47677

Realtek rtl819x Jungle SDK v3.4.11 contains a CSRF vulnerability in its Boa web server (used by LevelOne WBR-6013). TALOS reports a cross-site request forgery that can be triggered by a specially crafted network packet, potentially causing state-changing actions on an authenticated device. Affect...

8.8CVSS8.7AI score0.00365EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/07/08 3:22 p.m.20 views

CVE-2023-41251

A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

7.2CVSS0.01283EPSS
Exploits0References1
CVE
CVE
added 2024/07/08 3:22 p.m.52 views

CVE-2023-41251

Summary: CVE-2023-41251 is a real vulnerability in Realtek rtl819x Jungle SDK v3.4.11 used by LevelOne WBR-6013 routers. The issue is a stack-based buffer overflow in Boa’s formRoute API when processing the subnet parameter, which can be triggered by a crafted HTTP request and may allow remote co...

7.2CVSS7.5AI score0.01283EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/08 3:22 p.m.17 views

CVE-2023-41251

A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

7.2CVSS8.1AI score0.01283EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/08 9:24 a.m.53 views

Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control

Summary Node.js is vulnerable to remote attacker to obtain sensitive information, denial of service, HTTP request smuggling and allow a local authenticated attacker to gain elevated privileges on the system. These vulnerabilities affect IBM Spectrum Control. CVE-2024-27983, CVE-2024-22019,...

8.2CVSS9AI score0.87211EPSS
Exploits1Affected Software1
OSV
OSV
added 2024/07/05 8:7 p.m.15 views

GHSA-P9CG-VQCC-GRCX Server Side Request Forgery (SSRF) attack in Fedify

Summary At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has received from the web. This activity could reference an @id that points to an internal IP address,...

7.2CVSS7.1AI score0.006EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/07/05 8:7 p.m.69 views

Server Side Request Forgery (SSRF) attack in Fedify

Summary At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has received from the web. This activity could reference an @id that points to an internal IP address,...

7.2CVSS6.9AI score0.006EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2024/07/05 5:39 p.m.50 views

CVE-2024-39687

Fedify (TypeScript) is affected by a Server Side Request Forgery (SSRF) flaw. When loading remote ActivityPub content, Fedify may fetch from URIs contained in activities/objects, and those URIs could point to internal IP addresses, enabling requests to internal network resources via the fetch pat...

7.2CVSS7AI score0.006EPSS
Exploits0References3
OSV
OSV
added 2024/07/05 5:39 p.m.19 views

CVE-2024-39687 Fedify vulnerable to allowing access to internal network resources

Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has...

7.2CVSS6.7AI score0.006EPSS
Exploits0References5
Veracode
Veracode
added 2024/07/04 11:24 a.m.12 views

URL Rewrite

zendframework/zendframework is vulnerable to URL Rewrite. The vulnerability is due to the request URI marshaling logic that introspects HTTP request headers specific to server-side URL rewrite mechanisms. When these headers are present on systems not running the specific URL rewriting mechanism,...

7.2AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/07/03 12:0 a.m.331 views

Deep Sea Electronics DSE855 Remote Authentication Bypass

Summary The DSE855 communications device allows monitoring of a single DSE controller with USB connectivity over a LAN or WAN connection. To achieve this the DSE855 utilises its in-built web server or MODBUS TCP. In order to use over a LAN connection the on-site router must be configured to be...

6.5CVSS6.5AI score0.02418EPSS
Exploits3
Rows per page
Query Builder