
11629 matches found

GithubExploit
added 2024/06/30 4:49 p.m. · 539 views

Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce

CVE-2024-34102 Usage bash python3 CVE-2024-34102.py...

CVSS 9.8 · AI score 9.6 · EPSS 0.99994
Exploits: 26
IBM Security Bulletins
added 2024/06/25 11:52 p.m. · 65 views

Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to a denial of service attack using HTTP/2 protocol. [CVE-2024-27316]

Summary IBM HTTP Server powered by Apache used by IBM i is vulnerable to a denial of service attack due to no limit of continuation frames in HTTP/2 protocol as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in t...

CVSS 7.5 · AI score 7.6 · EPSS 0.91327
Exploits: 2 · Affected Software: 4
IBM Security Bulletins
added 2024/06/25 12:4 p.m. · 49 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2024-24795, CVE-2023-38709]

Summary IBM HTTP Server (IHS) is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2024-24795, CVE-2023-38709 Vulnerability Details Refer to the security bulletins listed in the...

CVSS 7.3 · AI score 6.2 · EPSS 0.03914
Exploits: 0 · Affected Software: 1
OpenVAS
added 2024/06/25 12:0 a.m. · 31 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1836)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5 · AI score 7.5 · EPSS 0.91327
Exploits: 2 · References: 2
IBM Security Bulletins
added 2024/06/24 7:13 a.m. · 29 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2023-52425]

Summary IBM HTTP Server (IHS) is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2023-52425 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

CVSS 7.5 · AI score 7.8 · EPSS 0.01815
Exploits: 1 · Affected Software: 1
OSV
added 2024/06/20 9:15 a.m. · 1 views

CVE-2024-29012

Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function...

CVSS 7.5 · AI score 6.1 · EPSS 0.00539
Exploits: 0 · References: 1
Vulnrichment
added 2024/06/20 8:11 a.m. · 15 views

CVE-2024-29012

Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function...

AI score 7.2 · EPSS 0.00539
Exploits: 0 · References: 1
CVE
added 2024/06/20 8:11 a.m. · 58 views

CVE-2024-29012

This CVE affects SonicOS HTTP server components in SonicWall SonicOS. The vulnerability is a stack-based buffer overflow in the HTTP server triggered through the sscanf function, allowing an authenticated remote attacker to cause Denial of Service (DoS). The SonicWall PSIRT notes there is no know...

CVSS 7.5 · AI score 7.4 · EPSS 0.00539
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2024/06/20 8:11 a.m. · 24 views

CVE-2024-29012

Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function...

EPSS 0.00539
Exploits: 0 · References: 1
SonicWall
added 2024/06/20 7:37 a.m. · 8 views

Stack-based buffer overflow vulnerability in SonicOS HTTP server

Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function. SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a PoC have been made public and malicious use of this...

CVSS 4.9 · AI score 7.3 · EPSS 0.00539
Exploits: 0
Positive Technologies
added 2024/06/20 12:0 a.m. · 3 views

PT-2024-22671 · Sonicos · Sonicos

Name of the Vulnerable Software and Affected Versions: SonicOS affected versions not specified Description: A stack-based buffer overflow issue in the SonicOS HTTP server allows an authenticated remote attacker to cause a Denial of Service (DoS) via the sscanf function. Recommendations: At the...

CVSS 7.5 · AI score 7.3 · EPSS 0.00539
Exploits: 0 · References: 2
OSV
added 2024/06/19 12:15 a.m. · 1 views

CVE-2024-6146

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVSS 8.8 · AI score 7.8 · EPSS 0.01119
Exploits: 0 · References: 1
NVD
added 2024/06/19 12:15 a.m. · 14 views

CVE-2024-6146

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVSS 8.8 · EPSS 0.01119
Exploits: 0 · References: 1
NVD
added 2024/06/19 12:15 a.m. · 16 views

CVE-2024-6144

Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVSS 8.8 · EPSS 0.01119
Exploits: 0 · References: 1
NVD
added 2024/06/19 12:15 a.m. · 23 views

CVE-2024-6145

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...

CVSS 8.8 · EPSS 0.01205
Exploits: 0 · References: 1
NVD
added 2024/06/19 12:15 a.m. · 16 views

CVE-2024-6143

Actiontec WCB6200Q uhtcprecvheader Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specifi...

CVSS 8.8 · EPSS 0.01119
Exploits: 0 · References: 1
NVD
added 2024/06/19 12:15 a.m. · 23 views

CVE-2024-6142

Actiontec WCB6200Q uhtcprecvcontent Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specif...

CVSS 8.8 · EPSS 0.01119
Exploits: 0 · References: 1
Vulnrichment
added 2024/06/18 11:39 p.m. · 18 views

CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVSS 8.8 · AI score 7.8 · EPSS 0.01119
Exploits: 0 · References: 1
CVE
added 2024/06/18 11:39 p.m. · 53 views

CVE-2024-6146

CVE-2024-6146 concerns Actiontec WCB6200Q with a stack-based buffer overflow in the HTTP server function responsible for handling postdata with upload (uh_get_postdata_withupload). The flaw arises from insufficient validation of user-supplied data length before copying into a fixed-length stack-b...

CVSS 8.8 · AI score 9.1 · EPSS 0.01119
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2024/06/18 11:39 p.m. · 22 views

CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVSS 8.8 · EPSS 0.01119
Exploits: 0 · References: 1