10 matches found
PT-2025-50758
Name of the Vulnerable Software and Affected Versions: minaliC version 2.0.0 Description: minaliC version 2.0.0 contains a denial of service issue. Remote attackers can disrupt service by sending oversized GET requests. Specifically, crafted HTTP requests with excessive data can overwhelm the serve...
CVE-2012-10058
RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server proce...
ELECOM multiple products buffer error vulnerability
ELECOM WRC-X3000GS2-W and others are products of ELECOM. ELECOM WRC-X3000GS2-W is a wireless router. ELECOM WRC-X3000GS2-B is a gigabit router. ELECOM WRC-X3000GS2A-B is a gigabit router. A buffer error vulnerability exists in various ELECOM products that originates from the processing of specially...
mIPC camera security vulnerability
mIPC camera is a series of cameras from mIPC. A security vulnerability exists in versions prior to mIPC camera v5.4.1.240424171021, which stems from an operating system command injection flaw in the ccmdebug component that allows an attacker on the same network to execute arbitrary code via a...
varnish: Request Forgery Vulnerability
An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...
VMware Reactor Netty security vulnerability
VMware Reactor Netty is a library from VMware, USA, that provides non-blocking and backpressure-ready TCP/HTTP/UDP/QUIC clients and servers based on the Netty framework. A security vulnerability exists in VMware Reactor Netty versions 1.0.11 through 1.0.23, which stems from logging headers in the presen...
CVE-2022-22532
In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the...
Schneider Electric Modicon M340 code issue vulnerability
The Schneider Electric Modicon M340 is a mid-range programmable logic controller (PLC) for industrial processes and infrastructure from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric Modicon M340, which can be exploited by an attacker to compile a request to...
ProcessMaker SQL injection vulnerability
ProcessMaker is a software suite for workflow management that can be used to automate workflows, create documents, assign roles and users to processes, and more. In the download page /sysworkflow/en/neoclassic/reportTables/ in ProcessMaker 3.4.11, a SQL injection vulnerability exists in the sort paramete...
PT-2020-11933 · Citrix · Citrix Adc +1
Name of the Vulnerable Software and Affected Versions: Citrix Gateway versions 11.1 through 12.1 Description: The issue concerns an Inconsistent Interpretation of HTTP Requests. It is noted that Citrix disputes the reported behavior as not a security issue, stating that Citrix ADC only caches...