Design/Logic Flaw

A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service DoS. The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk...

CVE-2024-22019

A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service DoS. The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk...

CVE-2024-22019

CVE-2024-22019 affects Node.js HTTP servers. The vulnerability arises from reading an unbounded number of bytes from a single connection due to unbounded chunk extension bytes in chunked encoding, enabling resource exhaustion and DoS. Impact: CPU and network bandwidth exhaustion, bypassing timeou...

Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1843 Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability February 20, 2024 CVE Number CVE-2023-45318 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit...

WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

Wondercms 4.3.2 - XSS to Remote Code Execute Exploit

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

Ubuntu 16.04 LTS / 18.04 LTS : curl vulnerability (USN-6641-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6641-1 advisory. Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that...

Wondercms 4.3.2 - XSS to RCE

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

Metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646 !/usr/bin/env python3 import socke...

Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to an attacker uploading arbitrary files and obtaining sensitive information (CVE-2023-45802, CVE-2023-31122)

Summary IBM HTTP Server powered by Apache used by IBM i is vulnerable to an attacker uploading arbitrary files due to improper validation CVE-2023-45802 and obtaining sensitive information due to an out of bounds read flaw CVE-2023-31122 as described in the vulnerability details section. This...

Metabase 0.46.6 Remote Code Execution

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...

Metabase 0.46.6 - Pre-Auth Remote Code Execution

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...

CVE-2024-24814

CVE-2024-24814 affects the mod_auth_openidc OpenID Connect Relying Party module for Apache 2.x. The issue arises from missing input validation on the mod_auth_openidc_session_chunks cookie, which can be manipulated to a very large value, causing the server to work hard, delay responses, and poten...

CVE-2024-24814 Denial of service when manipulating mod_auth_openidc_session_chunks cookie in mod_auth_openidc

modauthopenidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on modauthopenidcsessionchunks cookie value makes the server vulnerable to a...

The vulnerability of the HTTP-server’s header parsing function on the uC-HTTP server allows a attacker to execute arbitrary code.

The vulnerability of the HTTP server’s header parsing function on the uC-HTTP server is related to buffer overflow attacks. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

RLSA-2024:0387 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...

php:8.1 security update

An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3, php-pecl-rrd, module.php-pecl-rrd, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

br.com.zup.beagle:beagle-micronaut-starter (>=1.1.0 <=2.1.0), com.agorapulse:gru-micronaut (>=0.9.1 <=1.4.0) +169 more potentially affected by CVE-2024-23639 via io.micronaut:micronaut-http-server (>=1.0.0 <=3.8.2)

io.micronaut:micronaut-http-server MAVEN version =1.0.0, =1.1.0, =0.9.1, =1.0.0-micronaut-1.0, =3.0.7, =1.3.0, =0.1.0, =3.1.1, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.2.0 - com.pulsarix.micronaut:micronaut-security-attributes =1.0.0 and more Source cves: CVE-2024-23639 Source...

br.com.zup.beagle:beagle-micronaut-starter (>=1.1.0 <=2.1.0), com.bertramlabs.plugins:asset-pipeline-micronaut (>=3.0.7 <=4.3.0) +40 more potentially affected by CVE-2024-23639 via io.micronaut:micronaut-http-server-netty (>=1.0.1 <=3.8.0)

io.micronaut:micronaut-http-server-netty MAVEN version =1.0.1, =1.1.0, =3.0.7, =1.3.0, =3.1.1, =0.99.0, =1.3.12, =0.1.0, =0.1.0, =1.0.6, =1.0.0, =3.2.0 - io.micronaut.example:micronaut-graphql-example-chat =1.4.0 - io.micronaut.example:micronaut-graphql-example-hello-world-groovy =1.4.0 -...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1192)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...