Lucene search
K

91 matches found

Trellix
Trellix
added 2022/01/27 12:0 a.m.33 views

Worming your way in through IIS - CVE-2022-21907

Worming your way in through IIS - CVE-2022-21907 By Trellix · January 27, 2022 This story was written by Eion Carroll. IIS HTTP Stack History In the first patch Tuesday of 2022, Microsoft released a patch for a wormable vulnerability CVE-2022-21907 within the IIS HTTP stack, or more specifically...

10CVSS10AI score0.9279EPSS
Exploits21
OSV
OSV
added 2021/10/21 6:15 p.m.4 views

CVE-2021-35228

This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change header for a remo...

4.7CVSS5.3AI score0.00558EPSS
Exploits0References2
Veracode
Veracode
added 2021/09/22 7:30 a.m.6 views

Response Splitting

http4s-client is vulnerable to response splitting. Creating the fields such as Header names Header.name, Header values Header.value, Status reason phrases Status.reason, URI paths Uri.Path, URI authority registered names URI.RegName allows an attacker to inject a malicious character such as...

8.7CVSS6.5AI score0.01196EPSS
Exploits1References4Affected Software4
RedHat Linux
RedHat Linux
added 2021/02/16 2:25 p.m.2 views

nodejs: HTTP request smuggling via two copies of a header field in an http request

A flaw was found in nodejs. Affected versions of Node.js allow two copies of a header field in an HTTP request. The first header field is recognized while the second is ignored leading to HTTP request smuggling. The highest threat from this vulnerability is to data confidentiality and integrity...

6.5CVSS7.3AI score0.16296EPSS
Exploits2References4
Talos
Talos
added 2021/01/26 12:0 a.m.56 views

Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...

8.6CVSS7.6AI score0.02612EPSS
Exploits1
Talos
Talos
added 2021/01/26 12:0 a.m.128 views

Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...

8.6CVSS7.6AI score0.01881EPSS
Exploits1
CNVD
CNVD
added 2020/07/02 12:0 a.m.4 views

Envoy Resource Management Error Vulnerability (CNVD-2020-51750)

Envoy is an open source distributed proxy server . A resource management error vulnerability exists in Envoy versions 1.14.2 and earlier, 1.13.2 and earlier, and 1.12.4 and earlier. An attacker can exploit the vulnerability by consuming large amounts of memory with requests with HTTP/1.1 headers...

7.5CVSS6.9AI score0.01448EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/01 6:46 p.m.7 views

envoy: Resource exhaustion when processing HTTP/1.1 headers with long field names

An uncontrolled resource consumption vulnerability was found in Envoy. This flaw allows an attacker to craft many HTTP requests with long field names or URLs to cause the proxy to consume excessive amounts of memory, potentially resulting in a denial of service. The highest threat from this...

7.5CVSS7.1AI score0.01448EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.41 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2019-2593)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.2AI score0.15564EPSS
Exploits0References2
Prion
Prion
added 2019/05/24 5:29 p.m.23 views

Integer overflow

Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215,...

10CVSS9.4AI score0.01118EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/05/24 4:44 p.m.34 views

CVE-2018-13887

Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215,...

9.6AI score0.01118EPSS
Exploits0References1
CVE
CVE
added 2019/05/24 4:44 p.m.75 views

CVE-2018-13887

CVE-2018-13887 describes an integer overflow vulnerability caused by untrusted header fields in the GNSS XTRA3 function, affecting Qualcomm Snapdragon platforms (Auto, Compute, IOT variants across multiple Snapdragon and QC700-series devices). The root cause is untrusted data in GNSS XTRA3 header...

10CVSS9.5AI score0.01118EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/11/17 9:29 a.m.5 views

UBUNTU-CVE-2017-16872

An issue was discovered in Teluu pjproject pjlib and pjlib-util in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message like cseq, ttl, port, etc. all had the potential to overflow, either causing unintended values to be captured or, if the values were subsequently converted bac...

9.8CVSS7.4AI score0.034EPSS
Exploits0References6
CVE
CVE
added 2017/11/17 9:0 a.m.83 views

CVE-2017-16872

CVE-2017-16872 affects Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The issue arises when parsing numeric SIP header fields (e.g., CSeq, ttl, port); values can overflow and may be captured incorrectly or cause a buffer overrun if converted back to strings, enabling a potential ex...

9.8CVSS9.3AI score0.034EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2017/07/11 6:45 p.m.8 views

httpd: Apache HTTP Request Parsing Whitespace Defects

It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a...

7.5CVSS6.8AI score0.13252EPSS
Exploits0References5
OSV
OSV
added 2016/09/12 10:59 a.m.4 views

CVE-2016-6396

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482...

5.3CVSS5.8AI score0.01244EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.25 views

Fedora 23 : nghttp2-1.7.1-1.fc23 (2016-ac861a840e)

CVE-2016-1544: Out of memory in nghttpd, nghttp, and libnghttp2asio applications due to unlimited incoming HTTP header fields: https://github.com/tatsuhiro-t/nghttp2/releases/tag/v1.7.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

3.3CVSS6.7AI score0.00886EPSS
Exploits0References4
NVD
NVD
added 2015/09/02 4:59 p.m.21 views

CVE-2015-6277

The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.21SV31.4, Nexus 3000 devices 7.30ZD0.47, Nexus 4000 devices 4.12E1, Nexus 9000 devices 7.30ZD0.61, and MDS 9000 devices 7.00HSK0.353 and SAN-OS NX-OS on MDS 9000 devices 7.00HSK0.353 allows remote attackers to cause...

6.1CVSS6.7AI score0.00877EPSS
Exploits0References2
securityvulns
securityvulns
added 2012/03/20 12:0 a.m.50 views

at32 ReverseProxy - Multiple HTTP Header Field Denial Of Service Vulnerability

Title: at32 Reverse Proxy - Multiple HTTP Header Field Denial Of Service Vulnerability Product : at32 Reverse Proxy Version : v1.060.310 Vendor: http://www.at32.com/doc/rproxy.htm Class: Boundary Condition Error CVE: Remote: Yes Local: No Published: 2012-03-14 Updated: Impact : Medium CVSS2 Base ...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2012/03/19 12:0 a.m.18 views

at32 Reverse Proxy 1.060.310 Denial Of Service

Title: at32 Reverse Proxy - Multiple HTTP Header Field Denial Of Service Vulnerability Product : at32 Reverse Proxy Version : v1.060.310 Vendor: http://www.at32.com/doc/rproxy.htm Class: Boundary Condition Error CVE: Remote: Yes Local: No Published: 2012-03-14 Updated: Impact : Medium CVSS2 Base ...

Exploits0
Rows per page
Query Builder