PT-2026-22038

Name of the Vulnerable Software and Affected Versions TinyWeb versions prior to 2.02 Description TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. The server creates a new operating system thread for each incoming connection without enforcing a maximum concurrency limit or an...

Vscan - Vulnerability Scanner Tool Using Nmap And Nse Scripts

vulnerability scanner tool is using nmap and nse scripts to find vulnerabilities This tool puts an additional value into vulnerability scanning with nmap. It uses NSE scripts which can add flexibility in terms of vulnerability detection and exploitation. Below there are some of the features that...

nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass

It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server's headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of...

CVE-2019-11060

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service DoS by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time...