EUVD-2008-4658
Malware in sbrugna...
PT-2024-8690
Name of the Vulnerable Software and Affected Versions: aiohttp versions prior to 3.10.11. Description: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A flaw exists in the Python parser's handling of newlines within chunk extensions, potentially leading to request...
CVE-2023-37276
CVE-2023-37276 affects aiohttp when used as an HTTP server (aiohttp.Application); vulnerable code is in the llhttp-based HTTP request parser bundled with aiohttp v3.8.4 and earlier. Exploitation can lead to HTTP request smuggling. The issue is addressed in aiohttp 3.8.5; upgrading is recommended....
Schneider Electric Modicon Improper Input Validation (CVE-2018-7761)
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...
CVE-2018-7761
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution...
Design/Logic Flaw
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution...
CVE-2018-7761
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution...
PT-2017-3703 · Schneider Electric · Modicon Premium +3
Name of the Vulnerable Software and Affected Versions: Schneider Electric Modicon BMXNOR0200 (affected versions not specified); Schneider Electric Modicon M340 (affected versions not specified); Schneider Electric Modicon Premium (affected versions not specified); Schneider Electric Modicon Quantum PLC...
CVE-2015-8027
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request...
Design/Logic Flaw
The HTTPRequestParser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host header, related to "storage overlay" on the stack and a...
openSUSE 10 Security Update : openwsman (openwsman-5241)
This update provides a fix for the included shttpd web-server to patch a buffer overflow vulnerability in the HTTP request parser. This bug can only be exploited by authenticated users to execute arbitrary code with the privileges of the openwsman/shttp daemon. CVE-2008-2097...