Lucene search
K

8 matches found

0day.today
0day.today
added 2021/09/15 12:0 a.m.506 views

Ulfius Web Framework Remote Memory Corruption Exploit

Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process. !/usr/bin/python3 guul.p...

9.8CVSS0.6AI score0.02628EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/09/14 12:0 a.m.263 views

Ulfius Web Framework Remote Memory Corruption

!/usr/bin/python3 guul.py Ulfius Web Framework Remote Memory Corruption Vulnerability Jeremy Brown Sept 2021 Intro Ulfius Web Framework is used by a number of different projects to build web services. Some of the projects tested and confirmed vulnerable are Glewlwyd SSO Server, Taliesin Audio...

7.5CVSS0.3AI score0.02628EPSS
Exploits3
NVD
NVD
added 2021/09/07 2:15 a.m.36 views

CVE-2021-40540

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

9.8CVSS0.02628EPSS
Exploits3References3
OSV
OSV
added 2021/09/07 2:15 a.m.20 views

CVE-2021-40540

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

9.8CVSS6.8AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/09/07 2:15 a.m.27 views

CVE-2021-40540

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

9.8CVSS7.2AI score0.02628EPSS
Exploits3References3
Debian CVE
Debian CVE
added 2021/09/07 1:50 a.m.39 views

CVE-2021-40540

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

9.8CVSS9.5AI score0.02628EPSS
Exploits3
CVE
CVE
added 2021/09/07 1:50 a.m.98 views

CVE-2021-40540

CVE-2021-40540 affects the Ulfius HTTP Framework, specifically the ulfius_uri_logger component, in versions before 2.7.4. The root cause is omission of con_info initialization and a missing NULL check on con_info->request when processing certain malformed HTTP requests. This can lead to a heap...

9.8CVSS9.3AI score0.02628EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2021/09/07 1:50 a.m.41 views

CVE-2021-40540

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

9.7AI score0.02628EPSS
Exploits3References3
Rows per page
Query Builder