Lucene search

247 matches found

BDU FSTEC
added 2022/09/09 12:00 a.m., 4 views

The vulnerability of the Mozilla Firefox browser, related to the lack of validation during the processing of incoming requests, allows attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the Mozilla Firefox browser is related to the lack of validation during the processing of incoming requests. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and compromise its integrity...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00829
Exploits: 0 | References: 8 | Affected Software: 3

BDU FSTEC
added 2022/08/12 12:00 a.m., 7 views

The vulnerability of the HTTP/2 protocol implementation in the Apache Traffic Server allows an attacker to execute arbitrary code.

The vulnerability of the HTTP/2 protocol implementation in the Apache Traffic Server web server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.01849
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2022/07/15 12:00 a.m., 3 views

The vulnerability of the Node.js software platform, related to deficiencies in HTTP request processing, allows a perpetrator to carry out an “HTTP request hijacking” attack.

The vulnerability of the Node.js software platform is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to carry out an “HTTP request hijacking” attack...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.77278
Exploits: 1 | References: 5 | Affected Software: 1

ATTACKERKB
added 2022/05/15 4:15 p.m., 2 views

CVE-2022-28937

FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.0112
Exploits: 1 | References: 2

Tenable Nessus
added 2022/05/10 12:00 a.m., 43 views

Oracle Linux 7 / 8 : olcne / istio / istio (ELSA-2022-9362)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9362 advisory. - Addresses CVE-2022-24726, CVE-2022-24921 istio Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.03255
Exploits: 0 | References: 3

BDU FSTEC
added 2022/04/27 12:00 a.m., 7 views

The vulnerability of the History API component in the Cisco SD-WAN vManage network management system allows an attacker to disclose protected information.

The vulnerability of the History API component in the Cisco SD-WAN vManage network management system is related to errors in request processing. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

CVSS: 6.8 | AI score: 6.1 | EPSS: 0.00877
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/04/19 12:00 a.m., 7 views

The vulnerability of the nginx HTTP server, related to deficiencies in HTTP request processing, allows attackers to gain unauthorized access to information.

The vulnerability of the nginx HTTP server is related to deficiencies in HTTP request processing. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to sensitive information...

CVSS: 5.3 | AI score: 6.7 | EPSS: 0.14961
Exploits: 3 | References: 13 | Affected Software: 7

BDU FSTEC
added 2022/03/25 12:00 a.m., 6 views

The vulnerability of the Apache HTTP Server web server, related to HTTP request processing flaws, allows attackers to carry out an “HTTP request hijacking” attack.

The vulnerability of the Apache HTTP Server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to carry out an “HTTP request hijacking” attack...

CVSS: 6.4 | AI score: 7.7 | EPSS: 0.28189
Exploits: 0 | References: 18 | Affected Software: 8

Prion
added 2022/03/10 9:15 p.m., 25 views

Design/Logic Flaw

Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker to send a specially crafted message which results in the control plane crashing when the...

CVSS: 5 | AI score: 7.9 | EPSS: 0.01529
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2022/03/10 8:45 p.m., 778 views

CVE-2022-24726

The CVE-2022-24726 entry affects Istio’s control plane (istiod) where a request processing error in the validating webhook, exposed publicly on TLS port 15017, can crash the control plane when a specially crafted message is processed. Affected versions have been patched in Istio releases 1.13.2, ...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.01529
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/03/01 12:00 a.m., 8 views

The vulnerabilities of the SAP NetWeaver software integration platform, the SAP Content Server content server, and the SAP Web Dispatcher web dispatcher are related to deficiencies in HTTP request processing. This allows attackers to inject arbitrary code.

The vulnerability of the execute function in SAP software, specifically SAP ContentServer, and the software of SAP NetWeaver – the Content Server and the SAP Web Dispatcher – are related to HTTP request processing vulnerabilities. Exploiting these vulnerabilities allows a malicious actor to injec...

CVSS: 10 | AI score: 8.3 | EPSS: 0.97945
Exploits: 8 | References: 5 | Affected Software: 3

OSV
added 2022/02/23 2:59 p.m., 57 views

GHSA-856Q-XV3C-7F2F Unauthenticated control plane denial of service attack in Istio

Impact: The Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker to send a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.01625
Exploits: 0 | References: 5

Veracode
added 2022/02/23 11:32 a.m., 25 views

Denial Of Service (DoS)

github.com/istio/istio is vulnerable to denial of service (DoS) attacks. A malicious user is able to send a specifically crafted message causing a request processing error, resulting in a control plane crash...

CVSS: 7.5 | AI score: 2.8 | EPSS: 0.01625
Exploits: 0 | References: 9 | Affected Software: 2

Prion
added 2022/02/22 10:15 p.m., 28 views

Design/Logic Flaw

Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker to send a specially crafted message which results in the control plane crashing. This endpoin...

CVSS: 5 | AI score: 7.5 | EPSS: 0.01625
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/02/22 12:00 a.m., 8 views

The vulnerability of the MariaDB database management system, related to buffer overflows in dynamic memory, allows attackers to execute arbitrary code.

The vulnerability of the MariaDB database management system is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code during request processing via CONNECT...

CVSS: 7 | AI score: 8 | EPSS: 0.00645
Exploits: 0 | References: 9 | Affected Software: 5

CNNVD
added 2022/02/22 12:00 a.m., 3 views

Istio authorization issue vulnerability

Istio is an open platform for connecting, managing and securing microservices. Istio suffers from an authorization issue vulnerability that stems from the Istio control plane "istiod" being susceptible to request processing errors in the affected version. An attacker could use this vulnerability ...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.01625
Exploits: 0 | References: 8

Ivan 'd0znpp' Novikov
added 2022/01/26 12:11 p.m., 45 views

Server side template injection — SSTI vulnerability ⚠️

Server side template injection — SSTI vulnerability ⚠️ Introduction There is hardly any software development or other linked elements that haven’t fallen into the trap of cyber vulnerabilities. Templates, used for HTML code management on the server-side, are amongst them. The attack targeting the...

AI score: 8
Exploits: 0

BDU FSTEC
added 2022/01/17 12:00 a.m., 6 views

The vulnerability of the free Apache2 web server, related to HTTP request processing flaws, allows attackers to compromise data integrity.

The vulnerability of the free Apache2 web server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to compromise data integrity...

CVSS: 5.3 | AI score: 6.6 | EPSS: 0.60266
Exploits: 0 | References: 12 | Affected Software: 7

OSV
added 2021/12/23 8:15 p.m., 3 views

ALPINE-CVE-2021-44541

A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.01393
Exploits: 0 | References: 1

BDU FSTEC
added 2021/12/16 12:00 a.m., 3 views

The vulnerability of the Thunderbird email client and the Firefox browser is related to deficiencies in HTTP request processing, which allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the Thunderbird email client and the Firefox browser is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...

CVSS: 8.1 | AI score: 7.2 | EPSS: 0.00885
Exploits: 0 | References: 6 | Affected Software: 7