11631 matches found
Weston Embedded uC-HTTP Buffer Error Vulnerability
Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A buffer error vulnerability exists in Weston Embedded...
Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1733 Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-27882 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston...
Weston Embedded uC-HTTP HTTP Server form boundary memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1738 Weston Embedded uC-HTTP HTTP Server form boundary memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-28379 SUMMARY A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP...
Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1746 Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-31247 SUMMARY A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded...
Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1725 Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability November 14, 2023 CVE Number CVE-2023-24585 SUMMARY An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafte...
Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1726 Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-25181 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially...
Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1732 Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-28391 SUMMARY A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Speciall...
ALSA-2023:7090 Moderate: libmicrohttpd security update
GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS CVE-2023-27371 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...
SUSE SLES15 Security Update : apache2 (SUSE-SU-2023:4431-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4431-1 advisory. - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122...
SUSE SLES15 Security Update : apache2 (SUSE-SU-2023:4432-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4432-1 advisory. - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122...
Moderate: libmicrohttpd security update
GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS CVE-2023-27371 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...
ALSA-2023:6940 Moderate: mod_auth_openidc:2.3 security and bug fix update
The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...
Moderate: mod_auth_openidc:2.3 security and bug fix update
The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...
Tenda RX9 Pro Buffer Overflow Vulnerability
The Tenda RX9 Pro is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda RX9 Pro version v22.03.02.20, which originates from a failure to properly validate the length and size of incoming data in the HTTP server component, and can be exploited by a...
NewStart CGSL MAIN 6.06 : curl Multiple Vulnerabilities (NS-SA-2023-0137)
The remote NewStart CGSL host, running version MAIN 6.06, has curl packages installed that are affected by multiple vulnerabilities: - When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might mak...
PT-2023-9644 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a...
Fedora: Security Advisory for httpd (FEDORA-2023-3d1bf0ee44)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: mod_auth_openidc security and bug fix update
An update for modauthopenidc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Moderate: Red Hat Security Advisory: libmicrohttpd security update
An update for libmicrohttpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
httpd: mod_proxy_uwsgi HTTP response splitting
An HTTP Response Smuggling vulnerability was found in the Apache HTTP Server via modproxyuwsgi. This security issue occurs when special characters in the origin response header can truncate or split the response forwarded to the client...