Heap overflow

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

Memory corruption

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-28391

A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-25181

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-24585

An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

CVE-2023-24585

CVE-2023-24585 affects Weston Embedded uC-HTTP v3.01.01, specifically the HTTP Server functionality. The vulnerability is an out-of-bounds write that occurs while parsing an HTTP request method, which can lead to memory corruption (including heap corruption). An attacker can trigger this by sendi...

CVE-2023-25181

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-24585

An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

CVE-2023-28379

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-27882

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-27882

Talos advisory TALOS-2023-1733 documents a heap-based buffer overflow in Weston Embedded uC-HTTP server form boundary handling (v3.01.01), enabling code execution via a specially crafted network packet. Affected products/versions listed: Weston Embedded uC-HTTP v3.01.01, Cesium NET 3.07.01, Silic...

CVE-2023-28379

Cisco Talos details a normal-mode vulnerability: CVE-2023-28379 is a memory corruption in Weston Embedded uC-HTTP HTTP Server form boundary handling (uC-HTTP v3.01.01). TALOS-2023-1738 confirms the issue as a heap-based overflow when parsing the form boundary string, where the boundary length is ...

CVE-2023-28379

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2023-31247

CVE-2023-31247 concerns a memory corruption in the HTTP Server Host header parsing of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can trigger code execution. Talos confirms this as a vulnerability affecting Weston Embedded uC-HTTP v3.01.01 and related platforms (Cesium NE...

CVE-2023-31247

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

PT-2023-7289 · Unknown · Weston Embedded Uc-Http

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-HTTP version 3.01.01 Description: A memory corruption issue exists in the HTTP Server form boundary functionality. This can be triggered by a specially crafted network packet, potentially leading to code execution. An...

PT-2023-7287 · Unknown · Weston Embedded Uc-Http

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-HTTP version 3.01.01 Description: A heap-based buffer overflow vulnerability exists in the HTTP Server functionality. This issue can be triggered by a specially crafted set of network packets, potentially leading to arbitra...

Micrium uC-HTTP Security Vulnerability

Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A security vulnerability exists in Micrium uC-HTTP version...

PT-2023-8560 · Unknown · Weston Embedded Uc-Http

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-HTTP version 3.01.01 Description: A memory corruption issue exists in the HTTP Server Host header parsing functionality. This can be triggered by a specially crafted network packet, potentially leading to code execution. An...

Apache Airflow Authorization Problem Vulnerability (CNVD-2023-93318)

Apache HTTP Server Buffer Overflow Vulnerability CNVD-2023-93320...