11634 matches found

Prion
added 2021/02/10 10:15 p.m. · 12 views

Cross site request forgery (csrf)

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 5 · AI score 7.3 · EPSS 0.01881
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2021/02/10 9:39 p.m. · 38 views

CVE-2020-13583

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 8.6 · AI score 7.4 · EPSS 0.01881
Exploits 1 · References 1

CVE
added 2021/02/10 9:39 p.m. · 60 views

CVE-2020-13583

CVE-2020-13583 affects Micrium uC-HTTP 3.01.00. TALOS details describe a denial-of-service caused by a NULL pointer dereference in the uC-HTTP server when handling multipart form data; specifically, if FormCfgPtr is NULL or FormBoundaryPtr is not allocated, HTTPsReq_HdrParse can dereference a NUL...

CVSS 8.6 · AI score 7.3 · EPSS 0.01881
Exploits 1 · References 1 · Affected Software 1

GithubExploit
added 2021/02/10 2:38 p.m. · 9 views

Exploit for Improper Locking in Apple Ipados

It is an exploit module targeting Apache HTTP Serv...

CVSS 7 · AI score 7.3 · EPSS 0.02222
Exploits 1

Prion
added 2021/02/08 9:15 p.m. · 16 views

Design/Logic Flaw

The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool...

CVSS 6.4 · AI score 9.1 · EPSS 0.0145
Exploits 1 · References 1 · Affected Software 1

CVE
added 2021/02/08 8:13 p.m. · 78 views

CVE-2021-26528

The CVE-2021-26528 issue affects Cesanta Mongoose HTTP server (7.0) where the function mg_http_serve_file is vulnerable to a remote OOB write after the memory pool is exhausted. This is documented as a high-severity (CVSS v3.1: 9.1, CRITICAL) network-facing vulnerability with potential impact to ...

CVSS 9.1 · AI score 9.2 · EPSS 0.0145
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2021/02/08 8:13 p.m. · 25 views

CVE-2021-26528

The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool...

AI score 9.4 · EPSS 0.0145
Exploits 1 · References 1

Positive Technologies
added 2021/02/08 12:00 a.m. · 8 views

PT-2021-3579 · Apache +9 · Apache Http Server +9

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.0 through 2.4.46
Description: The issue is related to a NULL pointer dereference caused by a specially crafted Cookie header handled by mod_session, which can lead to a crash and a possible Denial Of Service...

CVSS 9.8 · AI score 6.4 · EPSS 0.99957
Exploits 10 · References 179

Apache Httpd
added 2021/02/08 12:00 a.m. · 133 views

Apache Httpd < 2.4.48 : mod_session NULL pointer dereference

Apache HTTP Server versions 2.4.0 to 2.4.46: a specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service...

CVSS 7.5 · AI score 8.4 · EPSS 0.65067
Exploits 0 · Affected Software 1

CNNVD
added 2021/02/07 12:00 a.m. · 7 views

sthttpd buffer error vulnerability

sthttpd is an improved version of thttpd, a small, simple, fast and secure HTTP server implementation that supports HTTP/1.1. A denial of service vulnerability exists in sthttpd version 2.27.1 and earlier. The vulnerability is related to a memory error in the handling of the dedotdot function in...

CVSS 7.5 · AI score 7.1 · EPSS 0.01444
Exploits 1 · References 2

OSV
added 2021/02/05 12:00 p.m. · 15 views

RUSTSEC-2021-0020 Multiple Transfer-Encoding headers misinterprets request payload

hyper's HTTP server code had a flaw that incorrectly understands some requests with multiple transfer-encoding headers to have a chunked payload, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that understands the request payload boundary differently can...

CVSS 8.1 · AI score 8 · EPSS 0.04732
Exploits 0 · References 3

RustSec
added 2021/02/05 12:00 p.m. · 18 views

Multiple Transfer-Encoding headers misinterprets request payload

hyper's HTTP server code had a flaw that incorrectly understands some requests with multiple transfer-encoding headers to have a chunked payload, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that understands the request payload boundary differently can...

CVSS 8.1 · AI score 1.4 · EPSS 0.04732
Exploits 0 · Affected Software 1

Kitploit
added 2021/02/03 8:30 p.m. · 44 views

Linux-Chrome-Recon - An Information Gathering Tool Used To Enumerate All Possible Data About An User From Google-Chrome Browser From Any Linux Distribution

"linux-chrome-recon" is an information gathering tool used to enumerate all possible data about a user from Google-Chrome browser from any Linux distribution. Intro: 1. Loots possible data from Google-Chrome 2. Launches HTTP Server on /tmp directory Useful 3. Simple script to receive data from...

AI score 7
Exploits 0 · References 1

Prion
added 2021/02/02 10:15 p.m. · 18 views

Design/Logic Flaw

Http4s http4s-blaze-server is a minimal, idiomatic Scala interface for HTTP services. Http4s before versions 0.21.17, 0.22.0-M2, and 1.0.0-M14 have a vulnerability which can lead to a denial-of-service. Blaze-core, a library underlying http4s-blaze-server, accepts connections unboundedly on its...

CVSS 5 · AI score 7.5 · EPSS 0.02146
Exploits 0 · References 3 · Affected Software 1

OpenVAS
added 2021/02/02 12:00 a.m. · 18 views

Apache HTTP Server 1.2.2 - 1.3.24 / 2.0 - 2.0.36 DoS Vulnerability - Linux

Apache HTTP Server is prone to a denial of service (DoS) vulnerability...

CVSS 7.5 · AI score 5.4 · EPSS 0.95556
Exploits 8 · References 1

NVD
added 2021/01/26 7:15 p.m. · 15 views

CVE-2020-13582

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 8.6 · AI score 7.6 · EPSS 0.02612
Exploits 1 · References 1

OSV
added 2021/01/26 7:15 p.m. · 5 views

CVE-2020-13582

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 7.5 · AI score 7.2 · EPSS 0.02612
Exploits 1 · References 1

Prion
added 2021/01/26 7:15 p.m. · 14 views

Cross site request forgery (csrf)

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 5 · AI score 7.3 · EPSS 0.02612
Exploits 1 · References 1 · Affected Software 1

CVE
added 2021/01/26 6:15 p.m. · 53 views

CVE-2020-13582

Micrium uC-HTTP 3.01.00’s HTTP Server contains a denial-of-service vulnerability due to an unchecked return value in the header-parsing path. Specifically, in the boundary parsing of multipart forms, Str_Char_N may return NULL, and the code proceeds to dereference it, causing a crash (segmentatio...

CVSS 8.6 · AI score 7.3 · EPSS 0.02612
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2021/01/26 6:15 p.m. · 23 views

CVE-2020-13582

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 8.6 · AI score 7.4 · EPSS 0.02612
Exploits 1 · References 1