Lucene search
K

110 matches found

Cvelist
Cvelist
added 2013/06/26 1:0 a.m.22 views

CVE-2013-1692

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks...

6.9AI score0.02011EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2013/06/26 12:0 a.m.32 views

Mozilla Firefox Multiple Vulnerabilities - June 13 (Windows)

The host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillafirefoxmultvulnjun13win.nasl 6086 2017-05-09 09:03:30Z teissa $ Mozilla Firefox Multiple Vulnerabilities - June 13 Windows Authors: Arun Kallavi Copyright: Copyright c...

10CVSS0.6AI score0.69021EPSS
Exploits11References3
securityvulns
securityvulns
added 2013/01/10 12:0 a.m.75 views

Nero MediaHome Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper Handling of Length Parameter Inconsistency...

5CVSS0.3AI score0.07681EPSS
Exploits6
exploitpack
exploitpack
added 2013/01/10 12:0 a.m.73 views

Nero MediaHome 4.5.8.0 - Denial of Service

Nero MediaHome 4.5.8.0 - Denial of Service Advisory ID: HTB23130 Product: Nero MediaHome Vendor: Nero Vulnerable Versions: 4.5.8.0 and probably prior Tested Version: 4.5.8.0 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: January 9, 2013 Vulnerability Type: Improper...

5CVSS6.5AI score0.07681EPSS
Exploits6
securityvulns
securityvulns
added 2012/12/09 12:0 a.m.82 views

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23120 Product: TVMOBiLi media server Vendor: TVMOBiLi Vulnerable Versions: 2.1.0.3557 and probably prior version Tested Version: 2.1.0.3557 in Windows XP SP3 32 bits Vendor Notification: October 15, 2012 Vendor Patch: November 21, 2012 Public Disclosure: December 5, 2012...

5CVSS6.7AI score0.03988EPSS
Exploits4
Packet Storm
Packet Storm
added 2012/03/20 12:0 a.m.26 views

Tiny Server 1.1.9 Denial Of Service

!/usr/bin/python Overflow exploiting a vulnerability in Tiny Server ' sys.exit host = sys.argv1 port = sys.argv2 buffer = 'A' 100 + 'HTTP/1.0\r\n' print '\n' print ' Tiny Server = 1.1.0HTTP HEAD request overflow' print ' Written by Brock Haun' print ' [email protected]' print '\n' try:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/12/28 12:0 a.m.22 views

EchoClient

This small handy tool uses raw IP packets in to establish a connection to the target in order to see if there is any response to a echo type of packet and determine if the connection or the channel is alive an properly established. Modified by JSacco - [email protected]...

0.3AI score
Exploits0
CVE
CVE
added 2011/10/19 10:0 a.m.99 views

CVE-2011-4138

Affected software: Django prior to 1.2.7 and 1.3.x prior to 1.3.1. The verify_exists URLField validation tests a URL with HEAD, but on redirects uses GET to the redirected target, potentially causing unwanted GET requests with an unintended source IP via a crafted Location header. Impact: potenti...

5CVSS6.5AI score0.02341EPSS
Exploits0References8Affected Software1
UbuntuCve
UbuntuCve
added 2011/10/19 12:0 a.m.42 views

CVE-2011-4138

The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote attackers to trigger arbitra...

5CVSS5.9AI score0.02341EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2010/12/26 12:0 a.m.25 views

Kolibri 2.0 Buffer Overflow

!/usr/bin/env python / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader gsog2009 a7 homtail d0t com Sro Debug Contact: [email protected]...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/26 12:0 a.m.53 views

Kolibri 2.0 - 'HEAD' Remote Buffer Overflow RET (SEH)

!/usr/bin/env python / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader gsog2009 a7 homtail d0t com Sro Debug Contact: [email protected]...

7.4AI score
Exploits0
Prion
Prion
added 2010/06/18 8:30 p.m.20 views

Stack overflow

Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request...

9.3CVSS8.5AI score0.05586EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2010/06/18 12:0 a.m.4 views

PT-2010-3917 · Isharer · Isharer File Sharing Wizard

Name of the Vulnerable Software and Affected Versions: iSharer File Sharing Wizard version 1.5.0 Description: A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a long HEAD request. Recommendations: For iSharer File Sharing Wizard version 1.5.0, update to a...

9.3CVSS8.8AI score0.05586EPSS
Exploits1References7
NVD
NVD
added 2010/04/14 4:0 p.m.22 views

CVE-2010-1316

Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted 1 GET, 2 PUT, or 3 HEAD request, as demonstrated by a malformed GET request containing a long PATHINFO to...

5CVSS7.9AI score0.09693EPSS
Exploits4References3
Prion
Prion
added 2010/02/03 7:30 p.m.12 views

Design/Logic Flaw

FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a denial of service daemon crash via a HEAD request for the / URI...

5CVSS6.8AI score0.06263EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/02/03 7:0 p.m.21 views

CVE-2010-0496

FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a denial of service daemon crash via a HEAD request for the / URI...

6.3AI score0.06263EPSS
Exploits0References3
securityvulns
securityvulns
added 2010/01/28 12:0 a.m.24 views

Serversman HTTP server DoS

Crash on HEAD request...

0.4AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/12/10 12:0 a.m.1949 views

HTTP Methods Allowed (per directory)

By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory. The following HTTP methods are considered insecure: PUT, DELETE, CONNECT, TRACE, HEAD Many frameworks and languages treat 'HEAD' as a 'GET' request, albeit one without any body in the...

5.6AI score
Exploits0References3
Nmap
Nmap
added 2009/08/25 11:36 p.m.974 views

http-headers NSE Script

Performs a HEAD request for the root folder "/" of a web server and displays the HTTP headers returned. See also: http-security-headers.nse Script Arguments useget Set to force GET requests instead of HEAD. path The path to request, such as /index.php. Default /. slaxml.debug See the documentatio...

10CVSS0.1AI score0.99448EPSS
Exploits33
seebug.org
seebug.org
added 2009/04/23 12:0 a.m.24 views

Xitami Web Server <= 5.0 Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl Xitami HTTP Server = v5.0 Remote Denial of Service. ------------------------------------------------------------------------------ The vulnerability is caused due to an error with HEAD request and multi-socket This can be exploited to crash the HT...

7.1AI score
Exploits0
Rows per page
Query Builder