Lucene search
K

168 matches found

Microsoft CVE
Microsoft CVE
added 2019/08/13 7:0 a.m.55 views

HTTP/2 Server Denial of Service Vulnerability

A denial of service vulnerability exists in the HTTP/2 protocol stack HTTP.sys when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. ...

7.8CVSS2.3AI score0.82813EPSS
Exploits0
NVD
NVD
added 2019/07/11 8:15 p.m.25 views

CVE-2019-0052

The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. The packet is misinterpreted as a regular TCP packet which causes the processor to crash. This issue affects all SRX Series platforms that support URL-Filtering and have...

7.8CVSS7.5AI score0.01841EPSS
Exploits0References2
Prion
Prion
added 2019/07/11 8:15 p.m.18 views

Design/Logic Flaw

The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. The packet is misinterpreted as a regular TCP packet which causes the processor to crash. This issue affects all SRX Series platforms that support URL-Filtering and have...

7.8CVSS7.5AI score0.01841EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/11 7:40 p.m.25 views

CVE-2019-0052 SRX Series: srxpfe process crash while JSF/UTM module parses specific HTTP packets

The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. The packet is misinterpreted as a regular TCP packet which causes the processor to crash. This issue affects all SRX Series platforms that support URL-Filtering and have...

7.5CVSS7.5AI score0.01841EPSS
Exploits0References2
CVE
CVE
added 2019/07/11 7:40 p.m.159 views

CVE-2019-0052

The CVE-2019-0052 issue affects Juniper Networks Junos OS on SRX Series gateways, where the srxpfe process crashes when the UTM/JSF module processes a specific fragmented HTTP packet. The packet is misinterpreted as a normal TCP packet, causing a processor crash. Affected releases cover multiple ...

7.8CVSS7.5AI score0.01841EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/01/15 9:29 p.m.17 views

CVE-2019-0006

A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager fxpc on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to...

9.8CVSS9.8AI score0.05263EPSS
Exploits0References2
Prion
Prion
added 2019/01/15 9:29 p.m.24 views

Design/Logic Flaw

A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager fxpc on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to...

7.5CVSS9.6AI score0.05263EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/01/15 9:0 p.m.14 views

CVE-2019-0006 Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration

A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager fxpc on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to...

9.8CVSS9.8AI score0.05263EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/23 12:0 a.m.2 views

LIVE555 RTSP Server Buffer Overflow Vulnerability

LIVE555 RTSP Server is a command line program for viewing, transmitting, receiving and recording media streams specified by RTSP URLs. A stack buffer overflow vulnerability exists in the HTTP packet parsing feature of the library in LIVE555 RTSP Server version 0.92. An attacker can exploit this...

10CVSS9.6AI score0.09487EPSS
Exploits3References1
The Hacker News
The Hacker News
added 2018/10/19 2:12 p.m.679 views

Critical Code Execution Flaw Found in LIVE555 Streaming Library

Security researchers have discovered a serious code execution vulnerability in the LIVE555 streaming media library—which is being used by popular media players, along with a number of embedded devices capable of streaming media. LIVE555 streaming media, developed and maintained by Live Networks, ...

10CVSS2.4AI score0.09487EPSS
Exploits3
OSV
OSV
added 2018/10/19 1:29 p.m.5 views

CVE-2018-4013

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

9.8CVSS6.8AI score0.09487EPSS
Exploits3References5
UbuntuCve
UbuntuCve
added 2018/10/19 1:29 p.m.28 views

CVE-2018-4013

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

10CVSS8AI score0.09487EPSS
Exploits3References4
OSV
OSV
added 2018/10/19 1:29 p.m.3 views

UBUNTU-CVE-2018-4013

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

10CVSS8.1AI score0.09487EPSS
Exploits3References5
Cvelist
Cvelist
added 2018/10/19 1:0 p.m.25 views

CVE-2018-4013

An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

10CVSS9.6AI score0.09487EPSS
Exploits3References5
CVE
CVE
added 2018/10/19 1:0 p.m.172 views

CVE-2018-4013

CVE-2018-4013 affects the LIVE555 RTSP server library (liveMedia) version 0.92, where a vulnerability in the HTTP packet-parsing path can cause a stack-based buffer overflow leading to remote code execution. The root cause involves reading HTTP headers into stack buffers during RTSP-over-HTTP han...

10CVSS9.5AI score0.09487EPSS
Exploits3References5Affected Software1
FreeBSD
FreeBSD
added 2018/10/18 12:0 a.m.505 views

liveMedia -- potential remote code execution

Talos reports: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerabili...

10CVSS3.6AI score0.09487EPSS
Exploits3References2
NVD
NVD
added 2018/08/21 2:29 p.m.17 views

CVE-2018-6692

Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet...

10CVSS6.5AI score0.03701EPSS
Exploits0References1
Prion
Prion
added 2018/06/21 11:29 a.m.18 views

Buffer overflow

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerabili...

7.8CVSS7.8AI score0.01919EPSS
Exploits0References1Affected Software2
Microsoft CVE
Microsoft CVE
added 2018/06/12 7:0 a.m.32 views

HTTP.sys Denial of Service Vulnerability

A denial of service vulnerability exists in the HTTP 2.0 protocol stack HTTP.sys when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become...

7.8CVSS2.1AI score0.12701EPSS
Exploits0
Prion
Prion
added 2018/05/14 8:29 p.m.15 views

Cross site request forgery (csrf)

An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP packet can cause cross-site request forgery. An attacker can create malicious HTML to trigger this vulnerability...

6.8CVSS8.5AI score0.01011EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder