Lucene search
K

361 matches found

Hacker One
Hacker One
added 2016/03/17 12:52 a.m.18 views

Gratipay: suppress version in Server header on gratipay.com or grtp.co

Summary: Server version information is returned in the response headers. Estimated severity: Low More info: Any page requested on the site returns a lot of information in the response headers. This information includes specific version information for the server and proxy. The following version...

0.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/01/28 12:0 a.m.12 views

The vulnerability of the Microsoft Edge browser, which allows a hacker to bypass the protection against cross-site scripting attacks

The vulnerability of Microsoft Edge is caused by errors in the processing of HTTP response headers. Exploiting this vulnerability allows a malicious actor to bypass the protection mechanisms against cross-site scripting attacks...

4.3CVSS5.2AI score0.10826EPSS
Exploits2References2
FreeBSD
FreeBSD
added 2016/01/13 12:0 a.m.29 views

h2o -- directory traversal vulnerability

Yakuzo OKU reports: When redirect directive is used, this flaw allows a remote attacker to inject response headers into an HTTP redirect response...

4.3CVSS4.8AI score0.01459EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2015/03/20 12:0 a.m.47 views

Airties Air5650TT Modem Cross Site Scripting

Airties Air5650TT Modem Web Interface Reflected XSS Vulnerability My + Discovered by: KnocKout Contact : [email protected] HomePage : http://h4x0resec.blogspot.com Love to = KedAns-Dz & UnDeRTaKeR & BARCOD3 & Septemb0x & ZoRLu milw00rm.com Software info |Hardware/Web App : Airties |Affected...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/03/13 12:0 a.m.39 views

HostingTakip 3.0 Cross Site Scripting

HostingTakip v3.0 - Stored XSS Vulnerability My + Discovered by: KnocKout Contact : [email protected] HomePage : http://h4x0resec.blogspot.com Love to UnDeRTaKeR & BARCOD3 & Septemb0x & ZoRLu milw00rm.com Software info |Web App. : HostingTakip |Affected Version : v3.0 |Software :...

7.4AI score
Exploits0
Ubuntu
Ubuntu
added 2015/03/10 2:49 p.m.66 views

USN-2523-1: Apache HTTP Server vulnerabilities

Martin Holst Swende discovered that the modheaders module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker could possibly use this issue to bypass RequestHeaders directives. CVE-2013-5704 Mark Montague discovered that the modcache module incorrectly handl...

5CVSS6.6AI score0.60205EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/02/02 12:0 a.m.45 views

FreeBSD : apache24 -- several vulnerabilities (5804b9d4-a959-11e4-9363-20cf30e32f6d)

Apache HTTP SERVER PROJECT reports : modproxyfcgi: Fix a potential crash due to buffer over-read, with response headers' size above 8K. modcache: Avoid a crash when Content-Type has an empty value. PR 56924. modlua: Fix handling of the Require line when a LuaAuthzProvider is used in multiple...

5CVSS6.7AI score0.60205EPSS
Exploits2References5
Prion
Prion
added 2014/12/15 6:59 p.m.28 views

Design/Logic Flaw

The handleheaders function in modproxyfcgi.c in the modproxyfcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service buffer over-read and daemon crash via long response headers...

5CVSS6.8AI score0.10783EPSS
Exploits0References26Affected Software4
Debian CVE
Debian CVE
added 2014/12/15 5:27 p.m.43 views

CVE-2014-3583

The handleheaders function in modproxyfcgi.c in the modproxyfcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service buffer over-read and daemon crash via long response headers...

5CVSS7.4AI score0.10783EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2014/12/15 12:0 a.m.33 views

CVE-2014-3583

The handleheaders function in modproxyfcgi.c in the modproxyfcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service buffer over-read and daemon crash via long response headers...

5CVSS7.1AI score0.10783EPSS
Exploits0References2
OSV
OSV
added 2014/12/15 12:0 a.m.10 views

UBUNTU-CVE-2014-3583

The handleheaders function in modproxyfcgi.c in the modproxyfcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service buffer over-read and daemon crash via long response headers...

5CVSS7.1AI score0.10783EPSS
Exploits0References3
NVD
NVD
added 2014/02/14 1:10 p.m.21 views

CVE-2013-3978

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not send the appropriate HTTP response headers to prevent unwanted caching by a web browser, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation...

5CVSS6AI score0.01173EPSS
Exploits0References2
Prion
Prion
added 2014/02/14 1:10 p.m.19 views

Design/Logic Flaw

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not send the appropriate HTTP response headers to prevent unwanted caching by a web browser, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation...

5CVSS6.5AI score0.01173EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/02/10 10:55 p.m.18 views

Design/Logic Flaw

Visibility Software Cyber Recruiter before 8.1.00 does not use the appropriate combination of HTTPS transport and response headers to prevent access to 1 AppSelfService.aspx and 2 AgencyPortal.aspx in the browser history, which allows remote attackers to obtain sensitive information by leveraging...

4.3CVSS6.7AI score0.01529EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2014/02/10 10:0 p.m.53 views

CVE-2014-1930

Visibility Software Cyber Recruiter prior to version 8.1.00 is vulnerable due to an improper HTTPS transport/response header configuration that permits browser-history access to (1) AppSelfService.aspx and (2) AgencyPortal.aspx, enabling an attacker to obtain sensitive information from an unatten...

4.3CVSS6.4AI score0.01529EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2013/08/20 10:0 p.m.64 views

CVE-2013-4961

CVE-2013-4961 affects Puppet Enterprise prior to 3.0.1. The vulnerability is an information disclosure where the HTTP response headers reveal version information for Apache and Phusion Passenger, allowing remote attackers to obtain sensitive details about the server stack. Publicly documented acr...

5CVSS6.4AI score0.01799EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2013/08/20 10:0 p.m.28 views

CVE-2013-4961

Puppet Enterprise before 3.0.1 includes version information for the Apache and Phusion Passenger products in its HTTP response headers, which allows remote attackers to obtain sensitive information...

5CVSS6AI score0.01799EPSS
Exploits0
w3af
w3af
added 2013/06/10 11:2 p.m.22 views

detect_reverse_proxy

This plugin tries to determine if the remote end has a reverse proxy installed. The procedure used to detect reverse proxies is to send a request to the remote server and analyze the response headers, if a Via header is found, chances are that the remote site has a reverse proxy. Plugin type...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2013/03/15 12:0 a.m.32 views

Ubuntu Update for glance USN-1764-1

Check for the Version of glance OpenVAS Vulnerability Test $Id: gbubuntuUSN17641.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for glance USN-1764-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...

3.5CVSS6.5AI score0.01356EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/01/21 12:0 a.m.35 views

CentOS Update for httpd CESA-2013:0130 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS7.3AI score0.6477EPSS
Exploits4References2
Rows per page
Query Builder