5773 matches found
CVE-2019-17656
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is...
CVE-2019-17656
The CVE-2019-17656 entry describes a stack-based buffer overflow in Fortinet’s FortiOS HTTPD and FortiProxy, affecting FortiOS 6.0.10 and earlier, 6.2.2 and earlier, plus FortiProxy 1.0.x/1.1.x/1.2.9 and 2.0.0 and earlier. The vulnerability allows an authenticated remote attacker to crash the ser...
CVE-2021-28544
Apache Subversion SVN authz protected copyfrom paths regression. Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom...
FortiProxy - HTTPD is vulnerable to a Stack-based Buffer Overflow vulnerability
...
CVE-2021-3449
A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signature_algorithms extension but includes a signature_algorithms_cert extension. The highest threat from this vulnerability is to system...
USN-4848-1: mini_httpd vulnerability
It was discovered that ACME mini_httpd did not properly handle HTTP GET requests with empty headers. A remote attacker could use this vulnerability to read arbitrary files...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-1602)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-1663)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.9.1 : httpd (EulerOS-SA-2021-1602)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Apache HTTP Server versions 2.4.20 to 2.4.43: When trace/debug was enabled for the HTTP/2 module and on certain traffic edge...
NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2021-0036)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded...
Apache Httpd < 2.4.48 : mod_session response handling heap overflow
Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted SessionHeader sent by an origin server could cause a heap overflow...
Important Photon OS Security Update - PHSA-2021-0365
Updates of 'glib', 'linux', 'linux-esx' packages of Photon OS have been released...
CVE-2020-27866
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...
(0Day) D-Link DAP-3662 httpd Authentication Bypass Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-3662 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the httpd web server. A crafted HTTP...
ASUS RT-AX86U Buffer Overflow Vulnerability
ASUS RT-AX86U is a wireless router from ASUS China. ASUS RT-AX86U router firmware is vulnerable to a buffer overflow in the blocking_request.cgi function of the httpd module, which could be exploited by an attacker to construct malicious data leading to code execution...
PT-2021-16511 · Belkin · Belkin Linksys Wrt160Nl
Name of the Vulnerable Software and Affected Versions: Belkin Linksys WRT160NL version 1.0.04.002 US 20130619 Description: The administration web interface on Belkin Linksys WRT160NL devices allows remote authenticated attackers to execute system commands with root privileges via shell...
CVE-2020-36109
ASUS RT-AX86U router firmware below version 9.0.0.4386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data...
Buffer overflow
ASUS RT-AX86U router firmware below version 9.0.0.4386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data...