Lucene search
+L

37 matches found

osv
osv
added 2024/04/16 9:32 a.m.7 views

SUSE-SU-2024:1309-1 Security update for nodejs18

This update for nodejs18 fixes the following issues: Update to 18.20.1 Security fixes: - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc1222244 - CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscatio...

8.2CVSS7.8AI score0.87211EPSS
Exploits3References11
osv
osv
added 2024/04/16 9:32 a.m.10 views

SUSE-SU-2024:1307-1 Security update for nodejs18

This update for nodejs18 fixes the following issues: Update to 18.20.1 Security fixes: - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc1222244 - CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscatio...

8.2CVSS7.8AI score0.87211EPSS
Exploits3References11
osv
osv
added 2024/04/16 1:33 a.m.7 views

SUSE-SU-2024:1301-1 Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.12.1 Security fixes: - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc1222244 - CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscatio...

8.2CVSS7.8AI score0.87211EPSS
Exploits3References11
osv
osv
added 2024/04/05 6:24 p.m.9 views

MGASA-2024-0110 Updated nodejs packages fix security vulnerabilities

Nodejs 20.12.1 release fixes 2 CVE: CVE-2024-27983 - Assertion failed in node::http2::Http2Session::Http2Session leads to HTTP/2 server crash- High CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - Medium...

8.2CVSS7AI score0.87211EPSS
Exploits1References3
osv
osv
added 2022/05/14 1:4 a.m.8 views

GHSA-68QQ-3PHH-53J7 mod_cluster Denial of Service vulnerability

modcluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service Apache http server crash via an MCMP message containing a series of = equals characters after a legitimate element...

7.5CVSS7.4AI score0.0364EPSS
Exploits0References16
osv
osv
added 2021/08/10 6:15 p.m.7 views

CVE-2021-28838

Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-2553 3.10rc039 BETA, DAP-2660 1.15rc131b, DAP-2690 3.20RC115 BETA, DAP-2695 1.20RC093, DAP-3320 1.05RC027 BETA and DAP-3662 1.05rc069 in the sbin/httpd binary. The crash happens a...

7.5CVSS5.8AI score0.0222EPSS
Exploits1References3
prion
prion
added 2019/09/25 9:15 p.m.15 views

Code injection

A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. The vulnerability is due to a logical error in the logging mechanism. An attacker could exploit this vulnerability by generating a high amount of...

5CVSS7.5AI score0.01824EPSS
Exploits0References1Affected Software1
osv
osv
added 2019/07/26 1:15 p.m.5 views

CVE-2019-13954

Mikrotik RouterOS before 6.44.5 long-term release tree is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected...

6.5CVSS5.8AI score0.04258EPSS
Exploits0References2
osv
osv
added 2019/07/26 1:15 p.m.5 views

CVE-2019-13955

Mikrotik RouterOS before 6.44.5 long-term release tree is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected...

6.5CVSS6.8AI score0.03754EPSS
Exploits0References2
osv
osv
added 2018/08/23 7:29 p.m.5 views

CVE-2018-1158

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON...

6.5CVSS5.8AI score0.02483EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2018/06/13 12:0 a.m.3 views

PT-2018-17923 · Node.Js · Node.Js

Name of the Vulnerable Software and Affected Versions: Node.js versions 9.x through 10.x Description: The issue allows an attacker to cause a denial of service DoS by crashing a node process that provides an http server supporting TLS server. This can be accomplished by sending duplicate or...

7.8CVSS7.2AI score0.06974EPSS
Exploits0References6
nvd
nvd
added 2016/09/26 2:59 p.m.27 views

CVE-2016-3110

modcluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service Apache http server crash via an MCMP message containing a series of = equals characters after a legitimate element...

7.5CVSS7.4AI score0.0364EPSS
Exploits0References11
cvelist
cvelist
added 2016/09/26 2:0 p.m.41 views

CVE-2016-3110

modcluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service Apache http server crash via an MCMP message containing a series of = equals characters after a legitimate element...

7.3AI score0.0364EPSS
Exploits0References11
cvelist
cvelist
added 2014/11/14 3:0 p.m.30 views

CVE-2014-8567

The modauthmellon module before 0.8.1 allows remote attackers to cause a denial of service Apache HTTP server crash via a crafted logout request that triggers a read of uninitialized data...

6.2AI score0.03588EPSS
Exploits0References6
securityvulns
securityvulns
added 2003/06/23 12:0 a.m.28 views

Myserver 0.4.1 DOS..

hi... Topic: MyServer 0.4.1 DOS Product: Myserver 0.4.1 http://myserverweb.sourceforge.net Note: yep, I'm on the dole, anyone wanna give me a job : Vendor Notification: Woooops, sorry i forgot ; Background: from homepage MyServer is a free and easy to configure web server. MyServer is licensed...

7.3AI score
Exploits0
packetstorm
packetstorm
added 2003/06/17 12:0 a.m.18 views

EnceladusServerSuite3.9.11.txt

Enceladus Server suite 3.9.11 Release Date: ------------- June 15,2003 Severity --------- HighRemote crash-code execution Systems Affected: ----------------- Enceladus Server Suite 3.9.11 possibly all the older versions are vulnerable Description: Enceladus Server Suite is a package that contains...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/04/28 12:0 a.m.46 views

Cisco HTTP possible bug:

If you have: ip http server in your running config not a great idea to have on a live router IMO on your router and you do: http://router-ip/ it crashes said router. I confirmed this on my 1005 running 11.124 and another fellow said it worked on his 2621 and 2524. Though he didnt give IOS version...

2.1AI score
Exploits0
Rows per page
Query Builder