9 matches found
CVE-2023-40052
This issue affects Progress Application Server PAS for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities...
PT-2025-41862
A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.3, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.3. The web server interface of affected devices improperly processes incoming malformed HTTP traffic at high rate...
CVE-2012-10058 RabidHamster R4 Log Entry sprintf() Buffer Overflow
RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server proce...
Advantech ADAM-5630 Cross-Site Request Forgery Vulnerability
Advantech ADAM-5630 is an edge intelligent data acquisition controller from Advantech, China. The Advantech ADAM-5630 suffers from a cross-site request forgery vulnerability that is caused by improper validation of user-supplied input. An attacker could use this vulnerability to perform...
Schneider Electric SAGE RTUs Security Vulnerability
Schneider Electric SAGE RTUs is a high-performance device for industrial automation and remote monitoring from Schneider Electric France. A security vulnerability exists in the Schneider Electric SAGE RTUs that stems from buffer copying without checking the input size, which could allow a user wi...
PT-2022-20947 · Trihedral · Vtscada
Name of the Vulnerable Software and Affected Versions: Trihedral VTScada versions prior to 12.0.38 Description: An issue exists due to improper input validation, where a specifically malformed HTTP request could cause the affected system to crash. Both local area network LAN-only and...
D-Link DIR-865L Cross-Site Request Forgery Vulnerability (CNVD-2020-33172)
The D-Link DIR-865L is a wireless router from AUO D-Link of Taiwan, China. A cross-site request forgery vulnerability exists in the D-Link DIR-865L Ax version 1.20B01 Beta, which originates from the program failing to properly validate user input. A remote attacker could exploit this vulnerabilit...
Canon GP300 - Remote GET Denial of Service
source: https://www.securityfocus.com/bid/8121/info A problem in the Canon GP-300 has been reported in the handling of some types of malformed web requests. This issue could result in the denial of service to legitimate users of the print server. GET /...
HP Instant TopTools DoS
DoS on malcrafted Web requests to TCP/280...