Lucene search
K

113 matches found

Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.4 views

PT-2025-32212 · Undefined · Undefined

CVE-2025-54974 - Apache HTTP Server Denial of Service CVE ID : CVE-2025-54974 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.6AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/30 1:0 a.m.7 views

CVE-2025-30133

An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password...

9.8CVSS7.3AI score0.00501EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.4 views

PT-2025-31107 · Iroad · Iroad Dash Cam Fx2

Name of the Vulnerable Software and Affected Versions: IROAD Dashcam FX2 affected versions not specified Description: A bypass of the device pairing/registration process was discovered. The HTTP server lacks restrictions, allowing direct access at http://192.168.10.1 after connecting to the...

9.8CVSS6.5AI score0.00501EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/07/28 12:0 a.m.10 views

CVE-2025-30133

An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password...

0.00501EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/07/10 4:59 p.m.9 views

CVE-2025-53020

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

7.5CVSS6.5AI score0.04409EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:45 a.m.5 views

CVE-2023-22019

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful...

7.5CVSS6.6AI score0.0051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:22 a.m.6 views

CVE-2023-24585

An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

9.8CVSS6.8AI score0.01209EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:39 p.m.8 views

CVE-2021-35666

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: OSSL Module. The supported version that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful...

7.1CVSS6.2AI score0.01204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.5 views

PT-2025-21639 · Undefined · Undefined

CVE-2025-4668 - Apache HTTP Server Deserialization Vulnerability CVE ID : CVE-2025-4668 Published : May 13, 2025, 9:16 p.m. | 2 hours, 7 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and...

6.6AI score
Exploits0References1
OSV
OSV
added 2025/04/14 3:15 p.m.14 views

CVE-2025-32909

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniffmp4 function. The HTTP server may cause the libsoup client to crash...

5.3CVSS6.5AI score0.00434EPSS
Exploits0References3
Talos
Talos
added 2025/04/14 12:0 a.m.8 views

Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2105 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2258 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX Du...

7.5CVSS8.4AI score0.00845EPSS
Exploits0
Talos
Talos
added 2025/04/14 12:0 a.m.10 views

Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2104 Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2259 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX D...

7.5CVSS8.3AI score0.00845EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/04/07 8:46 a.m.105 views

USN-6885-4: Apache HTTP Server regression

USN-6885-1 fixed a vulnerability in Apache. The patch for CVE-2024-38474 was incomplete and caused regressions. This update provides the fix for that issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A...

7.7AI score
Exploits0References1
OSV
OSV
added 2025/04/06 7:15 p.m.8 views

CVE-2025-2258

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...

7.5CVSS7AI score
Exploits0References3
Cvelist
Cvelist
added 2025/04/06 6:50 p.m.31 views

CVE-2025-2258 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...

5.3CVSS0.00845EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/04 2:44 p.m.12 views

CVE-2024-50594

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.Thi...

4.3CVSS7AI score0.00676EPSS
Exploits1References1
NVD
NVD
added 2025/04/02 2:15 p.m.10 views

CVE-2024-50597

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...

7.5CVSS0.00676EPSS
Exploits1References2
NVD
NVD
added 2025/04/02 2:15 p.m.26 views

CVE-2024-50596

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...

7.5CVSS0.00676EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/02 1:41 p.m.14 views

CVE-2024-50385

A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects...

6.5CVSS0.00677EPSS
Exploits1References1
CVE
CVE
added 2025/04/02 1:41 p.m.54 views

CVE-2024-50595

CVE-2024-50595 is a vulnerability in STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0 where an integer underflow in the NetX Duo HTTP server PUT handling can trigger denial of service. Specifically, in the NetX Duo Component HTTP Server (nx_http_server.c), processing of HTTP PUT requests can lead to an ...

7.5CVSS6.9AI score0.00676EPSS
Exploits1References2Affected Software10
Rows per page
Query Builder