24 matches found
EUVD-2003-1410
Malware in sbrugna...
EUVD-2019-9419
Malware in sbrugna...
EUVD-2004-0455
Malware in sbrugna...
EUVD-2015-7808
Malware in sbrugna...
EUVD-2024-0201
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-42353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing th...
Medium: python-webob
Issue Overview: WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treat...
Mageia: Security Advisory (MGASA-2024-0308)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-42353
A vulnerability was found in the WebOb package. WebOb normalizes the HTTP Location header using urlparse and urljoin. If the URL starts with //, urlparse treats the following part as the hostname, and replaces the original request's hostname. This issue, combined with user interaction, may become...
SUSE CVE-2006-4089
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...
CVE-2019-19821
A post-authentication privilege escalation in the web application of Combodo iTop allows regular authenticated users to access information and modify information with administrative privileges by not following the HTTP Location header in server responses. This is fixed in all iTop packages...
Authentication flaw
A post-authentication privilege escalation in the web application of Combodo iTop allows regular authenticated users to access information and modify information with administrative privileges by not following the HTTP Location header in server responses. This is fixed in all iTop packages...
CVE-2019-19821
CVE-2019-19821 affects the Combodo iTop web application. A post‑authentication privilege escalation allows regular authenticated users to access and modify information with administrative privileges due to improper handling of HTTP Location header in server responses. Mitigation per sources is to...
CVE-2015-7910
Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body...
Debian: Security Advisory (DSA-1495-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1495-1 : nagios-plugins - buffer overflows
Several local/remote vulnerabilities have been discovered in two of the plugins for the Nagios network monitoring and management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5198 A buffer overflow has been discovered in the parser for HTT...
CVE-2003-1420
Cross-site scripting XSS vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header...
nagios-plugins -- Long Location Header Buffer Overflow Vulnerability
A Secunia Advisory reports: The vulnerability is caused due to a boundary error within the redir function in checkhttp.c when processing HTTP Location: header information. This can be exploited to cause a buffer overflow by returning an overly long string in the "Location:" header to a vulnerable...
RaidenHTTPD 1.1.49 - 'SoftParserFileXml' Remote Code Execution
!/usr/bin/php -q -d shortopentag=on ? printr' ----------------------------------------------------------------------------- RaidenHTTPD/1.1.49 remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org dork: Powered.by.RaidenHTTPD +intitle:index.of |...
CVE-2004-0456
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header...