Important: ruby

Issue Overview: An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's...

Exploit for Exposure of Resource to Wrong Sphere in Apache Http_Server

HTTP Request Smuggling Detection Tool This repository contain...

CVE-2024-53688

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to execute an arbitrary OS command using a crafted HTTP request...

CVE-2024-53688

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to execute an arbitrary OS command using a crafted HTTP request...

openSUSE Security Advisory (SUSE-SU-2024:4355-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:4352-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:4349-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:4349-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:4365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup2 (SUSE-SU-2024:4349-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4349-1 advisory. - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header...

SUSE SLED15: libsoup-3_0-0 / libsoup-3_0-0-32bit / libsoup-devel / etc (SUSE-SU-2024:4352-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4352-1 advisory. - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header...

SUSE SLES15 Security Update : libsoup (SUSE-SU-2024:4365-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4365-1 advisory. - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 - CVE-2024-52531:...

SUSE-SU-2024:4365-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 - CVE-2024-52532: Fixed...

CVE-2024-37605

A NULL pointer dereference in D-Link DIR-860L REVBFIRMWARE2.04.B04ic5b allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2024-37607

A Buffer overflow vulnerability in D-Link DAP-2555 REVAFIRMWARE1.20 allows remote attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2024-37606

A Stack overflow vulnerability in D-Link DCS-932L REVBFIRMWARE2.18.01 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2024-37606

A Stack overflow vulnerability in D-Link DCS-932L REVBFIRMWARE2.18.01 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2024-37605

A NULL pointer dereference in D-Link DIR-860L REVBFIRMWARE2.04.B04ic5b allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2024-36831

A NULL pointer dereference in the pluginscallhandleuriclean function of D-Link DAP-1520 REVAFIRMWARE1.10B04BETA02HOTFIX allows attackers to cause a Denial of Service DoS via a crafted HTTP request without authentication...

SUSE-SU-2024:4352-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 - CVE-2024-52532: Fixed...