16603 matches found
CVE-2024-3653
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...
CVE-2024-3653 Undertow: learningpushhandler can lead to remote memory dos attacks
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...
CVE-2024-3653 Undertow: learningpushhandler can lead to remote memory dos attacks
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...
CVE-2024-3653
CVE-2024-3653 affects Undertow. The vulnerability arises when learning-push handler is enabled in server config (disabled by default); if maxAge is left at its default -1, the handler becomes vulnerable. An attacker with network access can reach the server with a normal HTTP request to exploit th...
CVE-2024-3653
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...
CVE-2024-3653
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...
CVE-2023-47677
A cross-site request forgery csrf vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-41251
A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-47677
A cross-site request forgery csrf vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-47677
Realtek rtl819x Jungle SDK v3.4.11 contains a CSRF vulnerability in its Boa web server (used by LevelOne WBR-6013). TALOS reports a cross-site request forgery that can be triggered by a specially crafted network packet, potentially causing state-changing actions on an authenticated device. Affect...
CVE-2023-47677
A cross-site request forgery csrf vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-41251
Summary: CVE-2023-41251 is a real vulnerability in Realtek rtl819x Jungle SDK v3.4.11 used by LevelOne WBR-6013 routers. The issue is a stack-based buffer overflow in Boa’s formRoute API when processing the subnet parameter, which can be triggered by a crafted HTTP request and may allow remote co...
CVE-2023-41251
A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-41251
A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control
Summary Node.js is vulnerable to remote attacker to obtain sensitive information, denial of service, HTTP request smuggling and allow a local authenticated attacker to gain elevated privileges on the system. These vulnerabilities affect IBM Spectrum Control. CVE-2024-27983, CVE-2024-22019,...
Server Side Request Forgery (SSRF) attack in Fedify
Summary At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has received from the web. This activity could reference an @id that points to an internal IP address,...
GHSA-P9CG-VQCC-GRCX Server Side Request Forgery (SSRF) attack in Fedify
Summary At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has received from the web. This activity could reference an @id that points to an internal IP address,...
CVE-2024-39687 Fedify vulnerable to allowing access to internal network resources
Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has...
CVE-2024-39687
Fedify (TypeScript) is affected by a Server Side Request Forgery (SSRF) flaw. When loading remote ActivityPub content, Fedify may fetch from URIs contained in activities/objects, and those URIs could point to internal IP addresses, enabling requests to internal network resources via the fetch pat...
URL Rewrite
zendframework/zendframework is vulnerable to URL Rewrite. The vulnerability is due to the request URI marshaling logic that introspects HTTP request headers specific to server-side URL rewrite mechanisms. When these headers are present on systems not running the specific URL rewriting mechanism,...