14 matches found
PT-2025-50758
Name of the Vulnerable Software and Affected Versions minaliC version 2.0.0 Description minaliC version 2.0.0 contains a denial of service issue. Remote attackers can disrupt service by sending oversized GET requests. Specifically, crafted HTTP requests with excessive data can overwhelm the serve...
CVE-2012-10058
RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server proce...
The vulnerability of the graphical interface of Fortinet’s centralized device management solutions, FortiManager and FortiManager Cloud, as well as the security event monitoring and analysis solutions FortiAnalyzer, FortiAnalyzer Cloud, and FortiAnalyzer-BigData, allows a perpetrator to execute arbitrary code or commands.
The vulnerability of the graphical interface of Fortinet’s centralized device management solutions, FortiManager and FortiManager Cloud, as well as the security event monitoring and analysis solutions FortiAnalyzer, FortiAnalyzer Cloud, and FortiAnalyzer-BigData, exists due to the lack of measure...
ELECOM多款产品 缓冲区错误漏洞
ELECOM WRC-X3000GS2-W and others are products of ELECOM.ELECOM WRC-X3000GS2-W is a wireless router.ELECOM WRC-X3000GS2-B is a gigabit router.ELECOM WRC-X3000GS2A-B is a gigabit router. A buffer error vulnerability exists in various ELECOM products that originates from the processing of specially...
mIPC camera 安全漏洞
mIPC camera is a series of cameras from mIPC. A security vulnerability exists in versions prior to mIPC camera v5.4.1.240424171021, which stems from an operating system command injection flaw in the ccmdebug component that allows an attacker on the same network to execute arbitrary code via a...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows a hacker to execute arbitrary commands.
The vulnerability of the web interface for managing microprogrammed software routers from Cisco, such as Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, is related to insufficient validation of input data during the processing of HTTP packets. Exploiting this vulnerability...
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...
VMware Reactor Netty 安全漏洞
VMware Reactor Netty is a VMware USA company that provides non-blocking and backpressure-ready TCP/HTTP/UDP/QUIC clients and servers based on the Netty framework. A security vulnerability exists in VMware Reactor Netty versions 1.0.11 through 1.0.23, which stems from logging headers in the presen...
The vulnerability of HID Mercury programmable logic controllers’ microprogramming software lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to cause malfunctions in the system.
The vulnerability of HID Mercury programmable logic controllers’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure through a specially crafted HT...
CVE-2022-22532
In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the...
Schneider Electric Modicon M340 代码问题漏洞
The Schneider Electric Modicon M340 is a mid-range PLC programmable logic controller for industrial processes and infrastructure from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric Modicon M340, which can be exploited by an attacker to compile a request to...
Processmaker SQL注入漏洞
ProcessMaker is a software suite for workflow management that can be used to automate workflows, create documents, assign roles and users to processes, and more. download page /sysworkflow/en/neoclassic/reportTables/ in ProcessMaker 3.4.11 A SQL injection vulnerability exists in the sort paramete...
PT-2020-11933 · Citrix · Citrix Adc +1
Name of the Vulnerable Software and Affected Versions: Citrix Gateway versions 11.1 through 12.1 Description: The issue concerns an Inconsistent Interpretation of HTTP Requests. It is noted that Citrix disputes the reported behavior as not a security issue, stating that Citrix ADC only caches...
The vulnerability of the Windows operating system, which allows a perpetrator to trigger a service failure
The vulnerability of the HTTP.sys component in the Windows operating system is related to improper data processing. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure system shutdown through specially crafted HTTP 2.0 requests...