CVE-2019-12198

In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header...

Stack overflow

In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header...

CVE-2019-12198

CVE-2019-12198 affects GoHttp (up to 2017-07-25). The vulnerability is a stack-based buffer over-read triggered by a long User-Agent header. Red Hat and NVD entries confirm the issue; no additional technical details (components, affected versions, root cause, exploit specifics, or fixes) are prov...

CVE-2018-20164

An issue was discovered in regex.yaml aka regexes.yaml in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service ReDoS issue allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to a value containing a long digit string. The UAP-Core...

Design/Logic Flaw

An issue was discovered in regex.yaml aka regexes.yaml in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service ReDoS issue allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to a value containing a long digit string. The UAP-Core...

DEBIAN-CVE-2018-20164

An issue was discovered in regex.yaml aka regexes.yaml in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service ReDoS issue allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to a value containing a long digit string. The UAP-Core...

Nextcloud: WordPress vulnerable to multiple attacks at https://nextcloud.com

summary: your current version of WordPress is available to multiple attacks check INFO.php available attacks: - Unauthenticated Arbitrary File Deletion - lib/IPTraf.php User-Agent Header Stored XSS - Password Creation Restriction Bypass - wp-admin/admin.php whois Parameter Stored XSS - XSS & IAA ...

Chrome in Android Leaks Device Fingerprinting Info

Google has issued a partial fix for an Android issue dating back to 2015 – after originally rejecting the bug report on the grounds of the mobile OS “working as intended.” The issue – which still doesn’t have a CVE designation despite being partially addressed as a problem – has to do with how...

UltimatePOS 2.5 - Remote Code Execution

UltimatePOS 2.5 - Remote Code Execution Exploit Title: UltimatePOS 2.5 - Remote Code Execution Google Dork: intext:"UltimatePOS" Date: 2018-08-22 Exploit Author: Renos Nikolaou Vendor Homepage: http://ultimatefosters.com/ Software Link:...

ReDoS via long UserAgent header in useragent

Affected versions of useragent are vulnerable to regular expression denial of service when an arbitrarily long User-Agent header is parsed. Proof of Concept js var useragent = require'useragent'; var badUserAgent = 'MSIE 0.0'+Array900000.join'0'+'XBLWP'; var request = 'GET / HTTP/1.1\r\nUser-Agen...

GHSA-PJMX-9XR3-82QR ReDoS via long UserAgent header in useragent

Affected versions of useragent are vulnerable to regular expression denial of service when an arbitrarily long User-Agent header is parsed. Proof of Concept js var useragent = require'useragent'; var badUserAgent = 'MSIE 0.0'+Array900000.join'0'+'XBLWP'; var request = 'GET / HTTP/1.1\r\nUser-Agen...

GHSA-PMG9-P9R2-6Q87 ReDoS via long UserAgent header in ua-parser

Affected versions of ua-parser are vulnerable to regular expression denial of service when given a specially crafted User-Agent header. Recommendation No patch is currently available for this vulnerability. The best mitigation is currently to avoid using this package, using a different,...

Cross-site Scripting (XSS)

express-useragent is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due to the lack of sanitization of the user-agent header, allowing XSS attacks to occur...

Regular Expression Denial Of Service (ReDoS)

ua-parser is vulnerable to regular expression denial of service ReDoS. A malicious user can pass a string through the User-Agent header to cause a ReDoS...

CVE-2017-16086

ua-parser is a port of Browserscope's user agent parser. ua-parser is vulnerable to a ReDoS Regular Expression Denial of Service attack when given a specially crafted UserAgent header...

GSA Bounty: SQL injection in https://labs.data.gov/dashboard/datagov/csv_to_json via User-agent

I've identified an SQL injection vulnerability in the website labs.data.gov that affects the endpoint /dashboard/datagov/csvtojson and can be exploited via the User-Agent HTTP header. I didn't extracted any data from the database, I've confirmed the vulnerability using sleep SQL queries with...

CVE-2017-14920

Stored XSS vulnerability in eGroupware Community Edition before 16.1.20170922 allows an unauthenticated remote attacker to inject JavaScript via the User-Agent HTTP header, which is mishandled during rendering by the application administrator...

eGroupWare Stored Cross-Site Scripting Vulnerability

eGroupWare is a multi-user, WEB-based workware suite developed on the basis of customization sets on a PHP-based API. A stored cross-site scripting vulnerability exists in eGroupWare, which allows remote attackers to inject JavaScript via the User-Agent HTTP header which is incorrectly handled...

Skype for business is also vulnerable to the autodiscovery issue

An issue in WPAD proxy automatic configuration was first discovered by Maxim Andreev back in 2015 at the MailRu group security meet-up and then was presented by Maxim Goncharov at BlackHat US 2016 slides. This year Ilya Nesterov and Maxim Goncharov presented a continuation of this research and...

Cross site scripting

FineCMS through 2017-07-11 has stored XSS in the logging functionality, as demonstrated by an XSS payload in 1 the User-Agent header of an HTTP request or 2 the username entered on the login screen...