Lucene search
K

1664 matches found

CNVD
CNVD
added 2016/06/17 12:0 a.m.6 views

Cisco RV110W/RV130W/RV215W Routers HTTP Request Buffer Overflow Vulnerability (CNVD-2016-04097 )

The Cisco RV130W Wireless-N is a multifunction VPN router; the Cisco RV110W/RV215W is a router that combines wired/wireless network connectivity, VPN, and firewall features. The Cisco RV110W/RV130W/RV215W routers have an HTTP request buffer overflow vulnerability that allows an unauthenticated,...

6.8CVSS7.2AI score0.0165EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/07 12:0 a.m.5 views

Trend Micro Worry-Free Business Security and Worry-Free Business Security Services HTTP Header Injection Vulnerability

Trend Micro Worry-Free Business Security and Worry-Free Business Security Services are both antivirus programs from Trend Micro. An HTTP header injection vulnerability exists in Trend Micro Worry-Free Business Security version 9.0 and Worry-Free Business Security Services version 5.x, which can b...

6.1CVSS8.2AI score0.01589EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/05/31 5:56 a.m.6 views

squid: Header Smuggling issue in HTTP Request processing

An input validation flaw was found in Squid's mimegetheaderfield function, which is used to search for headers within HTTP requests. An attacker could send an HTTP request from the client side with specially crafted header Host header that bypasses same-origin security protections, causing Squid...

8.6CVSS7.1AI score0.38893EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/05/31 5:56 a.m.6 views

squid: Cache poisoning issue in HTTP Request handling

An input validation flaw was found in the way Squid handled intercepted HTTP Request messages. An attacker could use this flaw to bypass the protection against issues related to CVE-2009-0801, and perform cache poisoning attacks on Squid...

8.6CVSS7.2AI score0.79969EPSS
Exploits0References5
CNVD
CNVD
added 2016/05/22 12:0 a.m.3 views

Apple iOS/watchOS and OS X El Capitan MapKit Sensitive Information Disclosure Vulnerability

Apple iOS is an operating system on Apple's cell phones. oS X El Capitan is a specialized operating system developed for Mac computers. watchOS is a smartwatch operating system. Apple iOS\watchOS and OS X El Capitan's MapKit fails to properly handle HTTP and HTTPS requests, allowing an attacker t...

7.5CVSS6.6AI score0.02273EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/14 12:0 a.m.15 views

Microsoft Windows HTTP.sys Denial of Service Vulnerability

Microsoft Windows 10 is a set of next-generation cross-platform operating systems released by the U.S.-based Microsoft Corporation Microsoft for PCs and laptops, tablets, and cell phones, among other devices. A denial of service vulnerability exists in the HTTP 2.0 protocol stack HTTP.sys in...

7.8CVSS6.8AI score0.29352EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/02/08 12:0 a.m.14 views

The vulnerability of the Cisco Firepower Extensible Operating System allows a perpetrator to gain access to read the files.

The vulnerability of the Cisco Firepower Extensible Operating System is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to files through a specially crafted HTTP request...

5CVSS5.5AI score0.01217EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/01/28 12:0 a.m.5 views

The vulnerability of the Internet Explorer browser, which allows a hacker to bypass the protection against cross-site scripting attacks

The vulnerability of the Internet Explorer browser is caused by errors in the processing of HTTP responses. Exploiting this vulnerability allows a malicious actor to bypass security measures against cross-site scripting attacks from a remote location...

4.3CVSS5.3AI score0.12098EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/12/29 12:0 a.m.7 views

The vulnerability of the Firefox browser, which allows a violator to trigger a service failure

The vulnerability in the implementation of the HTTP/2 protocol in Firefox browsers arises from the loss of precision in calculations. Exploiting this vulnerability allows a malicious actor to cause a service failure—the appearance of an error message indicating “Assertion failure” or an emergency...

5CVSS7.2AI score0.02888EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/12/29 12:0 a.m.5 views

The vulnerability of the Firefox browser, which allows a violator to trigger a service failure

The vulnerability of the Firefox browser’s HTTP/2 implementation arises from the loss of a significant number of bits. Exploiting this vulnerability allows an attacker to cause a service failure remotely by triggering a “Assertion failure” error message and a premature termination of the service...

5CVSS7AI score0.02888EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2015/11/07 12:0 a.m.2 views

Mozilla Firefox HTTP Authentication Information Disclosure Vulnerability

Mozilla Firefox is an open source web browser. Mozilla Firefox uses NTLM v1 to perform HTTP authentication with a security vulnerability that allows remote attackers to build specially crafted Web sites to trick users into parsing for sensitive domain information...

4.3CVSS9AI score0.01874EPSS
Exploits0References1
CNVD
CNVD
added 2015/10/03 12:0 a.m.2 views

Cisco Email Security Appliance File Descriptor System Overload Vulnerability

The Cisco Email Security Appliance is a widely used email encryption gateway that seamlessly encrypts, decrypts, and digitally signs confidential email. A security vulnerability exists in the Cisco Email Security Appliance that allows remote attackers to exploit the vulnerability by submitting a...

6.8CVSS6.9AI score0.017EPSS
Exploits0References1
OSV
OSV
added 2015/05/20 10:59 a.m.5 views

UBUNTU-CVE-2015-1263

The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file...

4.3CVSS7.3AI score0.00989EPSS
Exploits0References5
CNVD
CNVD
added 2015/04/17 12:0 a.m.4 views

Oracle E-Business Suite suffers from a remote vulnerability (CNVD-2015-02472)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. A remote security vulnerability exists in Oracle E-Business Suite. It allows attackers to exploit this vulnerability to compromise the 'Configurator DMZ rules' subcomponent in the 'HTTP' protocol...

4.3CVSS6.8AI score0.01949EPSS
Exploits0References1
CNVD
CNVD
added 2015/04/09 12:0 a.m.4 views

Apple Mac OS X/iOS CFNetwork HTTPProtocol Cross Domain COOKIE Disclosure Vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A cross-domain COOKIE disclosure vulnerability in the Apple Mac OS X/iOS CFNetwork HTTPProtocol handling redirection allows attackers to explo...

5CVSS6.2AI score0.01764EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/05 12:0 a.m.4 views

SerVision HVG Video Gateway devices with firmware elevation of privilege vulnerability

SerVision HVG Video Gateway is an intelligent video gateway product from SerVision Israel. An elevation of privilege vulnerability exists in SerVision HVG Video Gateway devices with firmware. It allows an authenticated remote user to gain privileges by exploiting a cookie received in an HTTP...

9CVSS7.5AI score0.01833EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/22 12:0 a.m.5 views

Siemens Scalance X Switches 'HTTP' Request Denial of Service Vulnerability

Siemens Scalance X Switches are switching devices developed by Siemens. The Siemens Scalance X Switches 'HTTP' request denial of service vulnerability allows an attacker to reboot the affected device and deny service to legitimate users...

7.8CVSS6.8AI score0.02201EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/21 12:0 a.m.2 views

Oracle Transportation Management Remote Vulnerability (CNVD-2015-00483)

Oracle Transportation Manager is a transportation management system developed by Oracle Corporation. A remote vulnerability in Oracle Transportation Management allows attackers to exploit the 'HTTP' protocol to compromise the 'UI Infrastructure' subcomponent...

4CVSS6.8AI score0.01113EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/21 12:0 a.m.2 views

Privoxy Denial of Service Vulnerability

Privoxy is a proxy server with filtering for HTTP and HTTPS protocols, often used in combination with Tor. A denial of service vulnerability exists in Privoxy that allows remote attackers to launch denial of service attacks via unspecified vectors...

5CVSS6.9AI score0.0129EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/21 12:0 a.m.5 views

Oracle Transportation Management Remote Vulnerability (CNVD-2015-00482)

Oracle Transportation Manager is a transportation management system developed by Oracle Corporation. A remote vulnerability in Oracle Transportation Management allows attackers to exploit the 'HTTP' protocol to compromise the 'UI Infrastructure' subcomponent...

4.3CVSS6.8AI score0.01222EPSS
Exploits0References1
Rows per page
Query Builder