Lucene search
+L

80 matches found

Fedora
Fedora
added 2014/10/28 6:45 a.m.19 views

[SECURITY] Fedora 20 Update: python-oauth2-1.5.211-8.fc20

Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...

5.8CVSS6.6AI score0.0243EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Pingtel Xpressa 1.2.x/2.0/2.1 Handset Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11161/info Pingtel Xpressa handsets are reported prone to a remote denial of service vulnerability. The issue is reported to exist because of a lack of sufficient boundary checks performed on HTTP request data handled by...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2014/04/30 7:1 p.m.41 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update

Red Hat JBoss Data Virtualization 6.0.0 roll up patch 1, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base...

5.8CVSS6.5AI score0.16833EPSS
Exploits2References3
NVD
NVD
added 2014/04/16 12:55 a.m.20 views

CVE-2014-0414

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling...

5CVSS5.6AI score0.01244EPSS
Exploits0References1
NVD
NVD
added 2014/04/16 12:55 a.m.17 views

CVE-2014-0426

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413...

4.3CVSS5.8AI score0.01044EPSS
Exploits0References1
NVD
NVD
added 2014/04/16 12:55 a.m.20 views

CVE-2014-0413

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426...

4.3CVSS5.8AI score0.01044EPSS
Exploits0References1
Prion
Prion
added 2014/04/16 12:55 a.m.20 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426...

4.3CVSS6.1AI score0.01044EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2014/04/16 12:55 a.m.24 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling...

5CVSS6.1AI score0.01244EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/04/15 10:0 p.m.28 views

CVE-2014-0414

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via vectors related to HTTP Request Handling...

5.6AI score0.01244EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/04/15 10:0 p.m.29 views

CVE-2014-0413

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426...

5.7AI score0.01044EPSS
Exploits0References1
CVE
CVE
added 2014/04/15 10:0 p.m.57 views

CVE-2014-0413

CVE-2014-0413 affects Oracle Fusion Middleware 10.1.3.5’s Oracle Containers for J2EE component. The vulnerability arises in HTTP request handling, enabling remote attackers to impact integrity. This entry is a separate issue from CVE-2014-0426. Connected sources confirm affected product/component...

4.3CVSS5.9AI score0.01044EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2014/04/15 10:0 p.m.52 views

CVE-2014-0414

CVE-2014-0414 affects Oracle Containers for J2EE (Oracle Fusion Middleware 10.1.3.5). The connected sources describe a null byte injection vulnerability in the path handling when transferring a request to another static page or JSP via pageContext.forward or jsp:forward, which can lead to script ...

5CVSS5.8AI score0.01244EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2013/07/17 12:0 a.m.18 views

Squid "idnsALookup()" DNS名称处理缓冲区溢出漏洞

Squid是一个高效的Web缓存及代理程序。 Squid 3.2 - 3.2.11、3.3 - 3.3.6在处理DNS查询生成请求时,"idnsALookup" 函数发生错误,攻击者通过发送特制的HTTP请求利用此漏洞可造成缓冲区溢出。 0 Squid 3.x 厂商补丁: Squid ----- Squid已经为此发布了一个安全公告(SQUID-20132)以及相应补丁: SQUID-20132:Buffer overflow in HTTP request handling 链接:http://www.squid-cache.org/Advisories/SQUID-20132.txt...

7.3AI score
Exploits0
NVD
NVD
added 2012/06/22 2:55 p.m.27 views

CVE-2012-2660

actionpack/lib/actiondispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended...

6.4CVSS7.4AI score0.046EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2011/03/02 12:0 a.m.39 views

RHEL 4 : seamonkey (RHSA-2011:0313)

Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

10CVSS8.4AI score0.05787EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2008/04/23 12:0 a.m.25 views

Firefly Media Server ws_getpostvars Function Content-Length Header HTTP Request Handling Overflow

The remote host is running Firefly Media Server, also known as mt-daapd, a media streaming server. The version of Firefly Media Server installed on the remote host apparently fails to sanitize user-supplied Content-Length field before using it to the call to 'malloclen+1' in 'src/webserver.c'...

7.5CVSS6.3AI score0.03723EPSS
Exploits1References2
Metasploit
Metasploit
added 2007/10/24 1:56 p.m.17 views

MS06-071 Microsoft Internet Explorer XML Core Services HTTP Request Handling

This module exploits a code execution vulnerability in Microsoft XML Core Services which exists in the XMLHTTP ActiveX control. This module is the modified version of http://www.milw0rm.com/exploits/2743 - credit to str0ke. This module has been successfully tested on Windows 2000 SP4, Windows XP...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2007/10/20 10:0 a.m.17 views

CVE-2003-1415

NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification...

6.2AI score0.01202EPSS
Exploits0References5
exploitpack
exploitpack
added 2004/10/29 12:0 a.m.14 views

Global Spy Software Cyber Web Filter 2 - IP Filter Bypass

Global Spy Software Cyber Web Filter 2 - IP Filter Bypass source: https://www.securityfocus.com/bid/11562/info Global Spy Software Cyber Web Filter is affected by an IP filter bypass vulnerability. This issue is due to a failure of the application to properly handle exceptional HTTP requests. An...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/20 12:0 a.m.32 views

Novell NetWare 5.16.0 - POST Arbitrary Perl Code Execution

Novell NetWare 5.16.0 - POST Arbitrary Perl Code Execution source: https://www.securityfocus.com/bid/5520/info A vulnerability has been reported in some versions of Novell NetWare. This issue lies in the handling of some HTTP requests when Perl is used as a handler by a web server. Reportedly, it...

0.3AI score
Exploits0
Rows per page
Query Builder