121 matches found

Positive Technologies
added 2024/02/08 12:0 a.m., 3 views

PT-2024-2334

Name of the Vulnerable Software and Affected Versions: LibHTP versions prior to 0.5.46. Description: The issue is related to excessive processing time of HTTP headers, leading to denial of service when crafted traffic is sent. This can be exploited by a remote attacker to cause a denial of service...

7.8 CVSS, 6.8 AI score, 0.00634 EPSS
Exploits: 2, References: 45

Tenable Nessus
added 2022/12/23 12:0 a.m., 8 views

Fedora 36 : suricata (2022-b916a7f4a1)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-b916a7f4a1 advisory. LibHTP has been updated to 0.5.42 and is bundled with the release. Various security, performance, accuracy and stability issues have been fixed. Tenable has...

5.6 AI score
Exploits: 0, References: 1

ossfuzz
added 2019/12/11 1:17 p.m., 14 views

libhtp:fuzz_htp: Crash in htp_connp_res_buffer

Project: https://github.com/OISF/libhtp.git Detailed Report: https://oss-fuzz.com/testcase?key=5746994274631680 Project: libhtp Fuzzing Engine: libFuzzer Fuzz Target: fuzz_htp Job Type: libfuzzer_msan_libhtp Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x701000010000 Crash State:...

6.8 AI score
Exploits: 0, Affected Software: 1

OSV
added 2019/10/10 1:6 a.m., 17 views

CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5.3 CVSS, 6.8 AI score
Exploits: 0, References: 3

OSV
added 2019/10/10 1:6 a.m., 0 views

DEBIAN-CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5.3 CVSS, 5.7 AI score, 0.00242 EPSS
Exploits: 0, References: 1

NVD
added 2019/10/10 1:6 a.m., 12 views

CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5.3 CVSS, 5.2 AI score, 0.00242 EPSS
Exploits: 0, References: 3

Prion
added 2019/10/10 1:6 a.m., 16 views

Code injection

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5 CVSS, 5.2 AI score, 0.00242 EPSS
Exploits: 0, References: 3, Affected Software: 2

OSV
added 2019/10/10 1:6 a.m., 1 views

UBUNTU-CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5.3 CVSS, 5.8 AI score, 0.00242 EPSS
Exploits: 0, References: 5

UbuntuCve
added 2019/10/10 1:6 a.m., 25 views

CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5.3 CVSS, 6.1 AI score, 0.00242 EPSS
Exploits: 0, References: 4

CVE
added 2019/10/09 11:29 p.m., 123 views

CVE-2019-17420

CVE-2019-17420 affects LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products. The vulnerability arises from an HTTP protocol parsing error that causes the http_header signature to fail to alert on a response ending with a single CRLF ("\r\n"). Impact is that such responses may bypass...

5.3 CVSS, 5.2 AI score, 0.00242 EPSS
Exploits: 0, References: 3, Affected Software: 2

Debian CVE
added 2019/10/09 11:29 p.m., 13 views

CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5.3 CVSS, 5.2 AI score, 0.00242 EPSS
Exploits: 0

Cvelist
added 2019/10/09 11:29 p.m., 12 views

CVE-2019-17420

In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending...

5.2 AI score, 0.00242 EPSS
Exploits: 0, References: 3

ossfuzz
added 2019/09/16 11:45 p.m., 15 views

libhtp:fuzz_htp: Use-of-uninitialized-value in crc32

Project: https://github.com/OISF/libhtp.git Detailed Report: https://oss-fuzz.com/testcase?key=5629763112140800 Project: libhtp Fuzzing Engine: libFuzzer Fuzz Target: fuzz_htp Job Type: libfuzzer_msan_libhtp Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: crc32...

7 AI score
Exploits: 0, Affected Software: 1

ossfuzz
added 2019/09/15 2:2 p.m., 22 views

libhtp:fuzz_htp: Heap-buffer-overflow in LzmaDec_DecodeToDic

Project: https://github.com/OISF/libhtp.git Detailed Report: https://oss-fuzz.com/testcase?key=5659352148475904 Project: libhtp Fuzzing Engine: afl Fuzz Target: fuzz_htp Job Type: afl_asan_libhtp Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x621000003a6d Crash State:...

7 AI score
Exploits: 0, Affected Software: 1

ossfuzz
added 2019/09/15 8:58 a.m., 30 views

libhtp:fuzz_htp: Use-of-uninitialized-value in LzmaDec_TryDummy

Project: https://github.com/OISF/libhtp.git Detailed Report: https://oss-fuzz.com/testcase?key=5164808743157760 Project: libhtp Fuzzing Engine: libFuzzer Fuzz Target: fuzz_htp Job Type: libfuzzer_msan_libhtp Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

7 AI score
Exploits: 0, Affected Software: 1

UbuntuCve
added 2019/04/04 4:29 p.m., 17 views

CVE-2018-10243

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header...

9.8 CVSS, 7.3 AI score, 0.00822 EPSS
Exploits: 0, References: 1

NVD
added 2019/04/04 4:29 p.m., 15 views

CVE-2018-10243

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header...

9.8 CVSS, 9.4 AI score, 0.00822 EPSS
Exploits: 0, References: 2

OSV
added 2019/04/04 4:29 p.m., 0 views

DEBIAN-CVE-2018-10243

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header...

9.8 CVSS, 7.1 AI score, 0.00822 EPSS
Exploits: 0, References: 1

OSV
added 2019/04/04 4:29 p.m., 13 views

CVE-2018-10243

htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header...

9.8 CVSS, 6.8 AI score
Exploits: 0, References: 2

CVE
added 2019/04/04 3:10 p.m., 60 views

CVE-2018-10243

CVE-2018-10243 affects LibHTP 0.5.26: the function htp_parse_authorization_digest in htp_parsers.c can cause a heap-based buffer over-read when processing an authorization digest header. This is a remote, network-exploitable condition reported across multiple sources (OSV, Debian/NASL references)...

9.8 CVSS, 9.2 AI score, 0.00822 EPSS
Exploits: 0, References: 2, Affected Software: 1