Lucene search
+L

31 matches found

CNNVD
CNNVD
added 2022/05/25 12:0 a.m.6 views

Pallets Werkzeug 环境问题漏洞

Pallets Werkzeug is a WSGI web application library. An environmental issue vulnerability exists in Pallets Werkzeug version 2.1.0 and prior versions that stems from incorrectly parsing HTTP requests. An attacker could use this vulnerability to perform HTTP request smuggling via a specially crafte...

9.8CVSS8.2AI score0.08165EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/09/16 12:0 a.m.5 views

mitmproxy环境问题漏洞

mitmproxy is an interactive, SSL/TLS-enabled interceptor proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. An environment issue vulnerability exists in mitmproxy 7.0.2 and prior versions, where a malicious client/server can smuggle a request/response through mitmproxy as part of...

9.8CVSS8.1AI score0.01176EPSS
Exploits0References3
CNVD
CNVD
added 2021/06/30 12:0 a.m.27 views

Apache Traffic Server Environment Issue Vulnerability (CNVD-2021-70101)

An environmental issue vulnerability exists in Apache Traffic Server ATS, a set of scalable HTTP proxy and caching servers from the Apache Foundation, which stems from a failure to properly handle URL data segments. An attacker could exploit this vulnerability to affect the cache of the target...

7.5CVSS1.8AI score0.03543EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/12 12:0 a.m.9 views

Unspecified Vulnerability in JerryScript (CNVD-2021-43002)

JerryScript is a lightweight JavaScript engine . An unspecified vulnerability exists in ecmaislexicalenvironment in ecma-helpers.c in JerryScript version 2.4.0. No detailed vulnerability details are provided at this time...

6.5CVSS6.7AI score0.00937EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/03/30 12:0 a.m.6 views

Netty 环境问题漏洞

Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. Netty suffers from an environment issue vulnerability which leads to request smuggling...

5.9CVSS6.5AI score0.04935EPSS
Exploits0References110
CNNVD
CNNVD
added 2021/02/17 12:0 a.m.12 views

Lightbeed Akka Akka-http Environment Issue Vulnerability

Lightbeed Akka Akka-http is a toolkit from the Lightbeed community in China. It provides a more generalized toolkit for providing and using HTTP-based services. An environment issue vulnerability exists in com.typesafe.akka:akka-http-core that allows multiple Transfer-Encoding headers...

6.5CVSS6.6AI score0.00705EPSS
Exploits0References4
CNVD
CNVD
added 2020/05/07 12:0 a.m.38 views

Red Hat Undertow Environment Issues Vulnerabilities

Red Hat Undertow is a U.S. Red Hat Red Hat, a Java-based embedded Web server, is the default Web server Wildfly Java application server. An environment issue vulnerability exists in versions prior to Red Hat Undertow 2.1.1.Final. An attacker could exploit this vulnerability to cause HTTP requests...

6.5CVSS6.7AI score0.01005EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/13 12:0 a.m.7 views

OpenResty Environment Issues Vulnerabilities

OpenResty is China's Ou Rui software development OpenResty company's a Web application server based on Nginx and Lua . An environment issue vulnerability exists in the ngxhttpluasubrequest.c file in OpenResty versions prior to 1.15.8.4. The vulnerability stems from an unreasonable environmental...

7.5CVSS6.9AI score0.02599EPSS
Exploits0
CNVD
CNVD
added 2019/09/30 12:0 a.m.4 views

Google Go Environmental Issues Vulnerability

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. An environment issue vulnerability exists in Google Go versions prior to 1.12.10 and 1.13.x prior to 1.13.1, which can be exploited by an attacker to bypass filters or perform a...

7.5CVSS9.3AI score0.05299EPSS
Exploits0References1
Mageia
Mageia
added 2019/08/18 12:39 p.m.61 views

Updated mythtv packages fix security issues

This update provides and update to mythtv 30, and updates the bundled ffmpeg to 3.2. It also fixes at least the following issue: The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failure CVE-2018-15822. It...

7.5CVSS2.3AI score0.03266EPSS
Exploits0References4
Microsoft KB
Microsoft KB
added 2019/06/11 7:0 a.m.282 views

June 11, 2019—KB4503293 (OS Build 18362.175)

None None...

9.3CVSS6.8AI score0.48043EPSS
Exploits14
Rows per page
Query Builder