CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the httpheader signature to not alert on a response with a single \r\n ending...

LY Corporation: Get-based SSRF limited to HTTP protocol on https://resizer.line-apps.com/form

A SSRF in the resizer's /form endpoint allowed for leaking HTTP protocol based information from our internal network. The vulnerability could be used to scan ports and get service banners like SSH versions etc, but it was also possible to leak images available on the internal network. If an...

HTTP/2: 0-length headers lead to denial of service

A flaw was found in HTTP/2. An attacker, sending a stream of header with a 0-length header name and a 0-length header value, could cause some implementations to allocate memory for these headers and keep the allocations alive until the session dies. The can consume excess memory, potentially...

HTTP/2: flood using empty frames results in excessive resource consumption

A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

File Sharing Wizard 1.5.0 - POST SEH Overflow

import socket from struct import Exploit Title: File sharing wizard 'post' remote SEH overflow Date: 9/23/2019 Exploit Author: x00pwn Software Link: https://file-sharing-wizard.soft112.com/ Version: 1.5.0 Tested on: Windows 7 CVE : CVE-2019-16724 File-sharing-wizard-seh...

Flaws in Over Half a Million GPS Trackers Expose Children Location Data

What if the tech intended to ensure that your kids, senior citizens, and pets are safe even when they're out of sight inadvertently expose them to stalkers? An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25–$50 have been found vulnerable to a...

The vulnerability of the Print Server sub-component of the Oracle One-to-One Fulfillment component of the Oracle E-Business Suite allows a malicious actor to gain access to modify, add, or delete data using the HTTP protocol.

The vulnerability of the Print Server sub-component of the Oracle One-to-One Fulfillment component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data...

The vulnerability of the Load Testing component in the Oracle Application Testing Suite, which is used for testing web applications, web services, and databases, allows a hacker to gain access to protected information, alter file access rights, or cause partial service disruption.

The vulnerability of the Load Testing component in the Oracle Application Testing Suite, which is used for testing web applications, web services, and databases, relates to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain access to protected...

UBUNTU-CVE-2019-10081

HTTP/2 2.4.20 through 2.4.39 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client...

DEBIAN-CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSHPROMISE. The peer spends ti...

NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118)

The remote NewStart CGSL host, running version MAIN 4.05, has httpd packages installed that are affected by multiple vulnerabilities: - Off-by-one error in the modssl Certificate Revocation List CRL verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a...

Low: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

The vulnerability of the Territory Administration sub-component of the Oracle Territory Management component of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Territory Administration sub-component of the Oracle Territory Management component in the Oracle E-Business Suite system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add...

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite system allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data...

Debian: Security Advisory (DLA-1858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-11578

CVE-2017-11578 affects the Blipcare wireless blood pressure monitor. The device exposes its web management interface over plain HTTP (non-SSL), allowing an attacker on the same wireless network to conduct a MITM and sniff the user’s Wi‑Fi credentials. The impact is disclosure of credentials witho...

vulners NSE Script

For each available CPE the script prints out known vulns links to the correspondent info and correspondent CVSS scores. Its work is pretty simple: work only when some software version is identified for an open port take all the known CPEs for that software from the standard nmap -sV output make a...

CVE-2018-16618

VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for requests on localhost. Requests submitted to this service are checked for a string of random characters...

Command injection

VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for requests on localhost. Requests submitted to this service are checked for a string of random characters...