113 matches found
PT-2025-32212 · Undefined · Undefined
CVE-2025-54974 - Apache HTTP Server Denial of Service CVE ID : CVE-2025-54974 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30133
An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password...
PT-2025-31107 · Iroad · Iroad Dash Cam Fx2
Name of the Vulnerable Software and Affected Versions: IROAD Dashcam FX2 affected versions not specified Description: A bypass of the device pairing/registration process was discovered. The HTTP server lacks restrictions, allowing direct access at http://192.168.10.1 after connecting to the...
CVE-2025-30133
An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password...
CVE-2025-53020
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...
CVE-2023-22019
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful...
CVE-2023-24585
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...
CVE-2021-35666
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: OSSL Module. The supported version that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful...
PT-2025-21639 · Undefined · Undefined
CVE-2025-4668 - Apache HTTP Server Deserialization Vulnerability CVE ID : CVE-2025-4668 Published : May 13, 2025, 9:16 p.m. | 2 hours, 7 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and...
CVE-2025-32909
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniffmp4 function. The HTTP server may cause the libsoup client to crash...
Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2105 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2258 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX Du...
Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2104 Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2259 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX D...
USN-6885-4: Apache HTTP Server regression
USN-6885-1 fixed a vulnerability in Apache. The patch for CVE-2024-38474 was incomplete and caused regressions. This update provides the fix for that issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A...
CVE-2025-2258
In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...
CVE-2025-2258 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow
In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...
CVE-2024-50594
An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.Thi...
CVE-2024-50597
An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...
CVE-2024-50596
An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...
CVE-2024-50385
A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects...
CVE-2024-50595
CVE-2024-50595 is a vulnerability in STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0 where an integer underflow in the NetX Duo HTTP server PUT handling can trigger denial of service. Specifically, in the NetX Duo Component HTTP Server (nx_http_server.c), processing of HTTP PUT requests can lead to an ...