
14 matches found

Positive Technologies
added 2025/12/11 12:0 a.m. · 7 views

PT-2025-50758

Name of the Vulnerable Software and Affected Versions: minaliC version 2.0.0. Description: minaliC version 2.0.0 contains a denial of service issue. Remote attackers can disrupt service by sending oversized GET requests. Specifically, crafted HTTP requests with excessive data can overwhelm the serve...

CVSS 8.7 · AI score 6.5 · EPSS 0.00426
Exploits 0 · References 5

RedhatCVE
added 2025/08/15 9:29 p.m. · 10 views

CVE-2012-10058

RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server proce...

CVSS 10 · AI score 8.4 · EPSS 0.01317
Exploits 0 · References 1

BDU FSTEC
added 2025/02/17 12:0 a.m. · 8 views

A vulnerability in the graphical interface of Fortinet’s centralized device management solutions FortiManager and FortiManager Cloud, and of the security event monitoring and analysis solutions FortiAnalyzer, FortiAnalyzer Cloud, and FortiAnalyzer-BigData, allows an attacker to execute arbitrary code or commands.

The vulnerability in the graphical interface of Fortinet’s centralized device management solutions FortiManager and FortiManager Cloud, and of the security event monitoring and analysis solutions FortiAnalyzer, FortiAnalyzer Cloud, and FortiAnalyzer-BigData, exists due to the lack of measure...

CVSS 9 · AI score 6 · EPSS 0.01885
Exploits 0 · References 3 · Affected Software 5

CNNVD
added 2024/08/27 12:0 a.m. · 4 views

ELECOM multiple products buffer error vulnerability

ELECOM WRC-X3000GS2-W and others are products of ELECOM. ELECOM WRC-X3000GS2-W is a wireless router. ELECOM WRC-X3000GS2-B is a gigabit router. ELECOM WRC-X3000GS2A-B is a gigabit router. A buffer error vulnerability exists in various ELECOM products that originates from the processing of specially...

CVSS 9.8 · AI score 9 · EPSS 0.00943
Exploits 0 · References 4

CNNVD
added 2024/08/12 12:0 a.m. · 6 views

mIPC camera security vulnerability

mIPC camera is a series of cameras from mIPC. A security vulnerability exists in versions prior to mIPC camera v5.4.1.240424171021, which stems from an operating system command injection flaw in the ccmdebug component that allows an attacker on the same network to execute arbitrary code via a...

CVSS 8.8 · AI score 7.9 · EPSS 0.01707
Exploits 0 · References 2

BDU FSTEC
added 2023/05/04 12:0 a.m. · 9 views

A vulnerability in the web management interface of the firmware of Cisco Small Business routers RV016, RV042, RV042G, RV082, RV320, and RV325 allows an attacker to execute arbitrary commands.

The vulnerability in the web management interface of the firmware of Cisco routers, such as Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, is related to insufficient validation of input data during the processing of HTTP packets. Exploiting this vulnerability...

CVSS 8.5 · AI score 7.7 · EPSS 0.53827
Exploits 0 · References 3

RedHat Linux
added 2022/11/28 10:58 a.m. · 3 views

varnish: Request Forgery Vulnerability

An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit...

CVSS 7.5 · AI score 7.2 · EPSS 0.00928
Exploits 0 · References 6

CNNVD
added 2022/10/19 12:0 a.m. · 5 views

VMware Reactor Netty security vulnerability

VMware Reactor Netty, from VMware (USA), provides non-blocking and backpressure-ready TCP/HTTP/UDP/QUIC clients and servers based on the Netty framework. A security vulnerability exists in VMware Reactor Netty versions 1.0.11 through 1.0.23, which stems from logging headers in the presen...

CVSS 4.3 · AI score 5.8 · EPSS 0.00604
Exploits 0 · References 4

BDU FSTEC
added 2022/06/10 12:0 a.m. · 7 views

A vulnerability in the firmware of HID Mercury programmable logic controllers stems from copying buffers without checking the size of the input data. It allows an attacker to cause malfunctions in the system.

The vulnerability in the firmware of HID Mercury programmable logic controllers stems from copying buffers without checking the size of the input data. Exploiting this vulnerability can allow a remote attacker to cause a service failure through a specially crafted HT...

CVSS 7.8 · AI score 7.4 · EPSS 0.00972
Exploits 0 · References 7 · Affected Software 9

ATTACKERKB
added 2022/02/09 11:15 p.m. · 5 views

CVE-2022-22532

In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the...

CVSS 9.8 · AI score 7.5 · EPSS 0.02372
Exploits 0 · References 4 · Affected Software 1

CNNVD
added 2020/12/11 12:0 a.m. · 6 views

Schneider Electric Modicon M340 code issue vulnerability

The Schneider Electric Modicon M340 is a mid-range programmable logic controller (PLC) for industrial processes and infrastructure from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric Modicon M340, which can be exploited by an attacker to compile a request to...

CVSS 5.3 · AI score 6.1 · EPSS 0.0102
Exploits 0 · References 1

CNNVD
added 2020/11/17 12:0 a.m. · 7 views

ProcessMaker SQL injection vulnerability

ProcessMaker is a software suite for workflow management that can be used to automate workflows, create documents, assign roles and users to processes, and more. On the page /sysworkflow/en/neoclassic/reportTables/ in ProcessMaker 3.4.11, a SQL injection vulnerability exists in the sort paramete...

CVSS 8.8 · AI score 6.8 · EPSS 0.01682
Exploits 1 · References 2

Positive Technologies
added 2020/03/06 12:0 a.m. · 12 views

PT-2020-11933 · Citrix · Citrix Adc +1

Name of the Vulnerable Software and Affected Versions: Citrix Gateway versions 11.1 through 12.1. Description: The issue concerns an Inconsistent Interpretation of HTTP Requests. It is noted that Citrix disputes the reported behavior as not a security issue, stating that Citrix ADC only caches...

CVSS 7.5 · AI score 7 · EPSS 0.0195
Exploits 3 · References 7

BDU FSTEC
added 2016/04/28 12:0 a.m. · 4 views

A vulnerability in the Windows operating system that allows an attacker to trigger a service failure

The vulnerability in the HTTP.sys component of the Windows operating system is related to improper data processing. Exploiting this vulnerability can allow a remote attacker to cause a service failure (system shutdown) through specially crafted HTTP 2.0 requests...

CVSS 7.8 · AI score 7.5 · EPSS 0.29352
Exploits 0 · References 2 · Affected Software 1