Astra Linux – Vulnerability in python-tornado

Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and earlier use an inefficient algorithm when parsing parameters for HTTP header values, which may lead to Denial-of-Service attacks. The parseparam function in httputil.py is used to parse specific HTTP header...

Django: Django: Denial of Service via crafted request with duplicate headers

A flaw was found in Django. A remote attacker can exploit this vulnerability by sending a crafted request containing multiple duplicate headers to the ASGIRequest component. This can lead to a potential Denial of Service DoS, making the affected system unavailable to legitimate users...

The vulnerability of the asynchronous Moxa NPort 5110 server, related to the possibility of recording outside the allowed range, allows a intruder to trigger a service failure.

The vulnerability of the asynchronous Moxa NPort 5110 server lies in its ability to record data beyond the allowed range. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

PT-2022-2878 · Moxa · Moxa Nport 5110

Name of the Vulnerable Software and Affected Versions: Moxa NPort 5110 version 2.10 Description: The issue is related to an out-of-bounds write vulnerability in the Moxa NPort 5110 asynchronous server. This vulnerability can be exploited by a remote attacker to cause the device to become...

Command Execution Vulnerability in Youyou's Email System of Shenzhen Hechen Communication Technology Co.

Shenzhen Hechen Communication Technology Co., Ltd. Youyou mail system is a modern enterprise to set up a professional e-mail service of a set of overall solutions, the mail system not only provides the conventional e-mail functions, but also extends the e-mail monitoring, e-mail antivirus, e-mail...