Lucene search
K

1172 matches found

Cvelist
Cvelist
added 2023/11/14 9:14 a.m.40 views

CVE-2023-31247

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

9CVSS9.9AI score0.01672EPSS
Exploits1References1
OSV
OSV
added 2023/11/14 9:14 a.m.33 views

CVE-2023-31247

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

9CVSS7.3AI score0.01672EPSS
Exploits1References4
Talos
Talos
added 2023/11/14 12:0 a.m.30 views

Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1733 Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-27882 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston...

9.8CVSS9.8AI score0.01778EPSS
Exploits1
Talos
Talos
added 2023/11/14 12:0 a.m.38 views

Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1725 Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability November 14, 2023 CVE Number CVE-2023-24585 SUMMARY An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafte...

9.8CVSS8.9AI score0.01209EPSS
Exploits1
Talos
Talos
added 2023/11/14 12:0 a.m.63 views

Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability

Talos Vulnerability Report TALOS-2023-1746 Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-31247 SUMMARY A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded...

9.8CVSS9.9AI score0.01672EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.8 views

PT-2023-7289 · Unknown · Weston Embedded Uc-Http

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-HTTP version 3.01.01 Description: A memory corruption issue exists in the HTTP Server form boundary functionality. This can be triggered by a specially crafted network packet, potentially leading to code execution. An...

10CVSS9.6AI score0.01672EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.9 views

Fedora 39 : libpcap / tcpdump (2023-79335e1c60)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-79335e1c60 advisory. New versions of libpcap and tcpdump Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

6.5CVSS7AI score0.00841EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.31 views

Ubuntu 16.04 ESM : collectd vulnerabilities (USN-4793-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4793-1 advisory. It was discovered that collectd mishandled certain malformed packets. A remote attacker could use this vulnerability to cause collectd to crash or possib...

10CVSS7.9AI score0.05695EPSS
Exploits0References4
NVD
NVD
added 2023/10/12 4:15 p.m.28 views

CVE-2023-31192

An information disclosure vulnerability exists in the ClientConnect functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.3CVSS4.9AI score0.00976EPSS
Exploits1References3
NVD
NVD
added 2023/10/12 4:15 p.m.23 views

CVE-2023-27395

A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this...

9CVSS9.3AI score0.01543EPSS
Exploits1References3
OSV
OSV
added 2023/10/12 4:15 p.m.5 views

CVE-2023-27516

An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability...

7.8CVSS7.1AI score0.0053EPSS
Exploits1References3
NVD
NVD
added 2023/10/12 4:15 p.m.23 views

CVE-2023-27516

An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability...

7.8CVSS7.3AI score0.0053EPSS
Exploits1References3
NVD
NVD
added 2023/10/12 4:15 p.m.23 views

CVE-2023-23581

A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service...

7.5CVSS7.4AI score0.00834EPSS
Exploits1References2
NVD
NVD
added 2023/10/12 4:15 p.m.23 views

CVE-2023-22325

A denial of service vulnerability exists in the DCRegister DDNSRPCMAXRECVSIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.9CVSS5.5AI score0.00957EPSS
Exploits1References3
NVD
NVD
added 2023/10/12 4:15 p.m.29 views

CVE-2023-22308

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

7.5CVSS7.3AI score0.00728EPSS
Exploits1References2
Prion
Prion
added 2023/10/12 4:15 p.m.20 views

Integer overflow

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

5CVSS7.4AI score0.00728EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/10/12 4:15 p.m.15 views

Authentication flaw

An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability...

4.3CVSS7.8AI score0.0053EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/10/12 4:15 p.m.19 views

Heap overflow

A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this...

5.1CVSS8.3AI score0.01543EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/10/12 4:15 p.m.19 views

Denial of service

A denial of service vulnerability exists in the DCRegister DDNSRPCMAXRECVSIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

2.6CVSS6.4AI score0.00957EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/10/12 4:15 p.m.21 views

Denial of service

A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service...

5CVSS7.4AI score0.00834EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder