6 matches found
CVE-2024-3462
Ant Media Server Community Edition is vulnerable to improper HTTP header based authorization, allowing unauthorized users to access non-administrative API calls reserved for authorized users. Affected versions are prior to 2.9.0 (tested); vendor status on a patch is not confirmed. Multiple source...
CVE-2023-41009
File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header...
Login bruteforce
Description: According to the fix of the previous report, the login page has a rate limit mechanism to block the user’s IP when many attempts are made. The endpoint, for example, /v2/console/status only returns the content when whoever made the request has the correct rights. However, this request is...
UBUNTU-CVE-2017-12196
Undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication: the server does not ensure that the value of the URI in the Authorization header matches the URI in the HTTP request line. This allows the attacker to cause a MITM attack and access the...
IceCast buffer overflow
Authorization: HTTP header buffer overflow...
ZoneEdit Account Hijack Vulnerability
secondmotion-SM-SA-02-02 Security Advisory. Topic: ZoneEdit Account Hijack Vulnerability. Announced: 2002-11-05...