CVE-2022-2877
CVE-2022-2877 affects the WordPress Titan Anti-spam & Security plugin prior to 7.3.1. The root cause is improper validation of HTTP headers used to verify the origin IP, allowing an attacker to bypass the plugin’s block feature by spoofing headers (e.g., X-Forwarded-For). The CVSSv3.1 vector is N...
CVE-2022-1762 iQ Block Country < 1.2.20 - Protection Bypass due to IP Spoofing
The iQ Block Country WordPress plugin before 1.2.20 does not properly check HTTP headers in order to validate the origin IP address, allowing threat actors to bypass its block feature by spoofing the headers...
OpenSSL 'multi-block' Feature Denial of Service Vulnerability
OpenSSL is an open source implementation of SSL used to enable strong encryption of network communications and is now widely used in a variety of web applications. A denial of service vulnerability exists in OpenSSL version 1.0.2 on 64-bit x86 platforms that support AES NI. The vulnerability is...
PT-2015-1686 · Openssl +1 · Openssl +3
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.0.2 through 1.0.2a Description: The issue is related to the multi-block feature in the ssl3_write_bytes function, which does not properly handle certain non-blocking I/O cases. This can allow remote attackers to cause a...
CVE-2015-0290
The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service (pointer corruption and application crash)...
Synology DiskStation Manager 4.3-x < 4.3-3810 Update 1 Multiple Vulnerabilities
According to its version number, the Synology DiskStation Manager installed on the remote host is 4.3-x equal or prior to 4.3-3810. It is, therefore, affected by the following vulnerabilities: - A remote code execution vulnerability exists in the File Station component due to improper validation...