5296 matches found
c-http has an unspecified vulnerability
C-Http is an open source, Http 1.1 WebServer written in C by Marcin Dłubakowski, a Polish individual developer. yotsuyaNight c-http v0.1.0 version has a security vulnerability stemming from a problem with the length of the url in the software's handling of the delimitedread function, which an...
CVE-2021-36187
A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to cause a denial of service for webserver daemon via crafted HTTP requests...
CVE-2021-36187
FortiWeb is affected by CVE-2021-36187, causing uncontrolled resource consumption that leads to denial of service of the webserver daemon via crafted HTTP requests. Affected versions include 6.4.0, 6.3.15 and below, and 6.2.5 and below. Root cause: uncontrolled resource consumption in the webserv...
c-http 安全漏洞
C-Http is an open source, Http 1.1 WebServer written in C by Marcin Dłubakowski, a Polish individual developer. yotsuyaNight c-http v0.1.0 version has a security vulnerability stemming from a problem with the length of the url in the software's handling of the delimitedread function, which an...
CVE-2021-38465
The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. Resource consumption can be achieved by generating large amounts of installations, which are then saved without limitation in the temp folder of the webinstaller executable...
Async-h1 request smuggling possible with long unread bodies
Impact This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content...
GHSA-4VR9-8CJF-VF9C Async-h1 request smuggling possible with long unread bodies
Impact This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content...
CVE-2021-33733
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33735
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33732
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33730
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33731
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
CVE-2021-33734
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
Command injection
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
Command injection
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
Command injection
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
Command injection
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
Command injection
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
Command injection
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...
Command injection
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application...