
3718 matches found

UbuntuCve
added 2013/06/19 12:0 a.m. | 23 views

CVE-2013-2175

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the...

CVSS 5 | AI score 5.9 | EPSS 0.03519
Exploits: 0 | References: 3

w3af
added 2013/06/10 11:2 p.m. | 28 views

cors_origin

Inspect if application checks that the value of the "Origin" HTTP header is consistent with the value of the remote IP address/Host of the sender of the incoming HTTP request. Configurable parameters are: origin_header_value. Note: This plugin is useful to test "Cross Origin Resource Sharing (CORS)"...

AI score 7.3
Exploits: 0

Exploit DB
added 2013/06/05 12:0 a.m. | 127 views

MiniUPnPd 1.0 - Remote Stack Buffer Overflow Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MiniUPnPd 1.0 Stack Buffer Overflow...

CVSS 10 | AI score 7 | EPSS 0.69151
Exploits: 14

Metasploit
added 2013/06/04 1:53 p.m. | 72 views

MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution

This module exploits the MiniUPnP 1.0 SOAP stack buffer overflow vulnerability present in the SOAPAction HTTP header handling. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MiniUPnPd 1.0 Stac...

CVSS 10 | AI score 0.9 | EPSS 0.69151
Exploits: 14

Tenable Nessus
added 2013/05/24 12:0 a.m. | 38 views

RT: Request Tracker < 3.8.17 / 4.0.13 Multiple Vulnerabilities

Binary data 6841.prm...

CVSS 6.8 | AI score 8.9 | EPSS 0.02428
Exploits: 0 | References: 10

Tenable Nessus
added 2013/05/24 12:0 a.m. | 33 views

FreeBSD : RT -- multiple vulnerabilities (3a429192-c36a-11e2-97a9-6805ca0b3d42)

Thomas Sibley reports : We discovered a number of security vulnerabilities which affect both RT 3.8.x and RT 4.0.x. We are releasing RT versions 3.8.17 and 4.0.13 to resolve these vulnerabilities, as well as patches which apply atop all released versions of 3.8 and 4.0. The vulnerabilities...

CVSS 6.8 | AI score 7.6 | EPSS 0.02428
Exploits: 0 | References: 12

Debian
added 2013/05/22 7:11 p.m. | 29 views

[SECURITY] [DSA 2670-1] request-tracker3.8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2670-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 22, 2013 http://www.debian.org/security/faq -...

CVSS 6.8 | AI score 0.2 | EPSS 0.02428
Exploits: 0

OpenVAS
added 2013/05/22 12:0 a.m. | 34 views

Debian Security Advisory DSA 2671-1 (request-tracker4 - several vulnerabilities)

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-4733 A user with the ModifyTicket right can bypass the DeleteTicket right or any custom...

CVSS 6.8 | AI score 0.2 | EPSS 0.02428
Exploits: 0 | References: 1

OpenVAS
added 2013/05/21 12:0 a.m. | 30 views

Debian: Security Advisory (DSA-2670-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8 | AI score 8.8 | EPSS 0.02428
Exploits: 0 | References: 3

Prion
added 2013/05/15 3:36 a.m. | 13 views

Denial of service

HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."...

CVSS 7.8 | AI score 6.8 | EPSS 0.54665
Exploits: 1 | References: 3 | Affected Software: 1

exploitpack
added 2013/05/15 12:0 a.m. | 22 views

Jojo CMS - x-forwarded-for HTTP header SQL Injection

Jojo CMS - x-forwarded-for HTTP header SQL Injection source: https://www.securityfocus.com/bid/59934/info Jojo CMS is prone to an SQL-injection vulnerability because it fails to sanitize user-supplied input. A successful exploit may allow an attacker to compromise the application, access or modif...

AI score 0.5
Exploits: 0

securityvulns
added 2013/05/06 12:0 a.m. | 165 views

Open-Xchange Security Advisory 2013-04-17

Open-Xchange Security Advisory multiple vulnerabilities Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been discovered and fixed. The vendor has chosen a responsible full disclosure method to publish security issue details. Users of the software have already been provided...

CVSS 5 | AI score 6.4 | EPSS 0.01046
Exploits: 0

securityvulns
added 2013/04/28 12:0 a.m. | 76 views

Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A

Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

Exploits: 0

Packet Storm
added 2013/04/23 12:0 a.m. | 46 views

D-Link DIR-615 / DIR-300 XSS / CSRF / Command Injection / Insecure Crypto

Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

AI score 7.4
Exploits: 0

0day.today
added 2013/04/23 12:0 a.m. | 117 views

DLink DIR-615 Hardware rev D3 / DIR-300 - Hardware rev A - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

AI score 7.1
Exploits: 0

exploitpack
added 2013/04/23 12:0 a.m. | 37 views

D-Link DIR-615 Rev D3 DIR-300 Rev A - Multiple Vulnerabilities

D-Link DIR-615 Rev D3 DIR-300 Rev A - Multiple Vulnerabilities Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

AI score 0.3
Exploits: 0

Exploit DB
added 2013/04/23 12:0 a.m. | 87 views

D-Link DIR-615 Rev D3 / DIR-300 Rev A - Multiple Vulnerabilities

Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

AI score 7.4
Exploits: 0

securityvulns
added 2013/04/22 12:0 a.m. | 72 views

SEC Consult SA-20130417-2 :: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server

SEC Consult Vulnerability Lab Security Advisory 20130417-2 ======================================================================= title: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server product: Oracle WebCenter Sites Satellite Server former FatWire Satellite Serv...

CVSS 4 | AI score 5.7 | EPSS 0.02207
Exploits: 5

0day.today
added 2013/04/18 12:0 a.m. | 91 views

Oracle WebCenter Sites Satellite Server - HTTP Header Injection

Exploit for windows platform in category web applications Vendor description: ------------------- FatWire Satellite Server is a predecessor product of Oracle WebCenter Sites Satellite Server. "Oracle WebCenter Sites Satellite Server enables organizations to deliver segmented, targeted, and...

CVSS 4 | AI score 6.5 | EPSS 0.02207
Exploits: 5

exploitpack
added 2013/04/18 12:0 a.m. | 50 views

Oracle WebCenter Sites Satellite Server - HTTP Header Injection

Oracle WebCenter Sites Satellite Server - HTTP Header Injection SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server product: Oracle WebCenter...

CVSS 4 | EPSS 0.02207
Exploits: 5