Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-42031

Name of the Vulnerable Software and Affected Versions Coder versions prior to 2.33.3 Coder versions prior to 2.32.2 Coder versions prior to 2.31.12 Coder versions prior to 2.30.8 Coder versions prior to 2.29.13 Coder versions prior to 2.24.5 Description An unauthenticated semi-blind Server-Side...

6.5CVSS6AI score0.00071EPSS
Exploits0References12
EUVD
EUVD
added 2026/03/06 3:31 p.m.6 views

EUVD-2018-21624

AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability...

8.7CVSS5.8AI score0.00339EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/07 9:40 a.m.8 views

CVE-1999-0415

The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration...

7.5CVSS7AI score0.01387EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-3666

Malware in sbrugna...

5.3CVSS5.5AI score0.01445EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.15 views

Atlassian Confluence 7.19.7 < 7.19.11 Tomcat Dependancy Vulnerabilty

According to its self-reported version number, the Atlassian Confluence application running on the remote host is 7.13.15 prior to 7.13.19, 7.19.7 prior to 7.19.11 or 8.1.1 prior to 8.4.1. It is, therefore, affected by a vulnerability in the bundled Apache Tomcat. If non-default HTTP connector...

7.5CVSS7.4AI score0.51547EPSS
Exploits1References2
Atlassian
Atlassian
added 2023/09/18 9:40 p.m.59 views

org.apache.tomcat:tomcat-catalina Vulnerability in Bamboo Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.2.2, 9.2.3 and 9.3.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticat...

7.5CVSS7.3AI score0.46836EPSS
Exploits1
Apache Tomcat
Apache Tomcat
added 2023/04/19 12:0 a.m.73 views

Fixed in Apache Tomcat 10.1.8

Moderate: Apache Tomcat denial of service CVE-2023-28709 The fix for CVE-2023-24998 was incomplete. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount...

7.5CVSS7.8AI score0.51547EPSS
Exploits1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.5 views

The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to the default use of the HTTP protocol, allows a hacker to intercept administrator credentials and other confidential information.

The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to the default use of the HTTP protocol during the implementation of the “Basic HTTP Authentication” method. Exploiting this vulnerability allows a malicious actor to intercept administrator credentials and oth...

10CVSS7.2AI score0.00776EPSS
Exploits0References2Affected Software1
Citrix
Citrix
added 2018/08/09 12:0 a.m.9 views

How to enable "Drop Invalid HTTP Requests" from default HTTP Parameters

This article provides instructions onHow to enable "Drop Invalid HTTP Requests" from default HTTP Parameters...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/10/08 12:0 a.m.49 views

DrayTek VigorACS SI 1.3.0 File Write / LFI / File Upload

DrayTek VigorACS SI /ACSServer/ We found that most of the VigorACS SI deployments are using the default http authentication settings acs/password. This is not so much a software vulnerability but more a configuration issue. 2.2 Unauthenticated arbitrary file read/write functionality via...

0.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.3 views

WirelessIP5000 has multiple vulnerabilities

Overview WirelessIP5000, a wireless IP phone from Hitachi Cable, contains multiple vulnerabilities; - Illegal access using the port TCP3390 - SNMP access using an arbitrary community name - Access to the HTTP server by an unauthorized user in the factory default configuration - The HTTP server...

7.5CVSS7AI score0.01532EPSS
Exploits0References5
Rows per page
Query Builder