Lucene search
K

391 matches found

OpenVAS
OpenVAS
added 2022/08/24 12:0 a.m.19 views

openSUSE: Security Advisory for perl-HTTP-Daemon (SUSE-SU-2022:2874-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.3CVSS7AI score0.02108EPSS
Exploits1References2
OSV
OSV
added 2022/08/23 8:33 a.m.5 views

SUSE-SU-2022:2874-1 Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon bsc1201157...

7.3CVSS7.1AI score0.02108EPSS
Exploits1References3
OSV
OSV
added 2022/08/23 8:12 a.m.3 views

SUSE-SU-2022:2872-1 Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon bsc1201157...

7.3CVSS7.1AI score0.02108EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/08/05 12:0 a.m.5 views

PT-2022-19150 · Unknown +1 · Freshtomato +1

Name of the Vulnerable Software and Affected Versions: FreshTomato version 2022.1 Description: A memory corruption issue exists in the httpd unescape functionality. This can be triggered by a specially-crafted HTTP request, leading to memory corruption. An attacker can exploit this by sending a...

9.8CVSS5.5AI score0.01372EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/08/05 12:0 a.m.6 views

PT-2022-19151 · Unknown +1 · Freshtomato +1

Name of the Vulnerable Software and Affected Versions: FreshTomato version 2022.1 Description: A memory corruption issue exists in the httpd unescape functionality. This can be triggered by a specially-crafted HTTP request, leading to memory corruption. An attacker can exploit this by sending a...

9.8CVSS5.5AI score0.01206EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2022/07/18 11:36 a.m.58 views

USN-5520-2: HTTP-Daemon vulnerability

USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to...

7.3CVSS6.6AI score0.02108EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/07/18 12:0 a.m.48 views

Ubuntu 16.04 ESM : HTTP-Daemon vulnerability (USN-5520-2)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5520-2 advisory. USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted th...

7.3CVSS6.4AI score0.02108EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2022/07/14 12:35 p.m.61 views

USN-5520-1: HTTP-Daemon vulnerability

It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...

7.3CVSS6.6AI score0.02108EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/07/14 12:0 a.m.32 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : HTTP-Daemon vulnerability (USN-5520-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5520-1 advisory. It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perfor...

7.3CVSS6.5AI score0.02108EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2022/07/07 9:49 p.m.37 views

CVE-2022-31081

HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...

7.3CVSS0.7AI score0.02108EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.5 views

The vulnerability of the httpd module of the microprogramming system used in Tenda AC18 routers allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the httpd microprogramming system in the Tenda AC18 router lies in the writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS8AI score0.01312EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.5 views

The vulnerability of the httpd module in the microprogramming software of the Tenda AC18 router allows a hacker to cause a service failure.

The vulnerability of the httpd microprogramming system in the Tenda AC18 router is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by making a request to the /goform/WifiExtraSet endpoint...

7.8CVSS7.5AI score0.01111EPSS
Exploits1References2
NVD
NVD
added 2022/06/27 9:15 p.m.15 views

CVE-2022-31081

HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...

7.3CVSS0.02108EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2022/06/27 9:15 p.m.35 views

CVE-2022-31081

HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...

7.3CVSS6.7AI score0.02108EPSS
Exploits1References8
Prion
Prion
added 2022/06/27 9:15 p.m.17 views

Design/Logic Flaw

HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...

6.4CVSS6.5AI score0.02108EPSS
Exploits1References11Affected Software1
OSV
OSV
added 2022/06/27 9:15 p.m.1 views

UBUNTU-CVE-2022-31081

HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...

7.3CVSS6.6AI score0.02108EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2022/06/27 12:0 a.m.3 views

PT-2022-4815 · Nginx +8 · Nginx +8

Name of the Vulnerable Software and Affected Versions: HTTP::Daemon versions prior to 6.15 Description: The issue is related to inconsistent interpretation of HTTP requests when handling Content-Length values, potentially allowing a remote attacker to gain privileged access to APIs or poison...

7.5CVSS9.2AI score0.02108EPSS
Exploits1References52
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.2 views

HTTP::Daemon 环境问题漏洞

HTTP::Daemon is a simple HTTP class. An environmental issue vulnerability exists in HTTP::Daemon versions prior to 6.15. An attacker could exploit this vulnerability to gain privileged access to the API or poison the intermediate cache...

7.3CVSS6.5AI score0.02108EPSS
Exploits1References19
OSV
OSV
added 2022/06/27 12:0 a.m.22 views

CVE-2022-31081 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in HTTP::Daemon

HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...

7.3CVSS6.4AI score0.02108EPSS
Exploits1References13
CVE
CVE
added 2022/06/27 12:0 a.m.627 views

CVE-2022-31081

CVE-2022-31081 affects the Perl HTTP::Daemon library. Versions prior to 6.15 are vulnerable due to improper handling of the Content-Length header, which could enable HTTP request smuggling and potentially allow privileged access to APIs or poisoning of intermediate caches. The issue is documented...

7.3CVSS6.7AI score0.02108EPSS
Exploits1References11Affected Software1
Rows per page
Query Builder