16589 matches found
Rocky Linux 9 : nodejs (RLSA-2024:2910)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2910 advisory. nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service...
CVE-2024-36588
An issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to send messages erroneously attributed to arbitrary users via a crafted HTTP request...
CVE-2024-36588
An issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to send messages erroneously attributed to arbitrary users via a crafted HTTP request...
CVE-2024-36588
An issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to send messages erroneously attributed to arbitrary users via a crafted HTTP request...
CVE-2024-36588
CVE-2024-36588 affects Annonshop.app’s DecentralizeJustice/anonymousLocker component (commit 2b2b4). The issue allows attackers to send messages that are erroneously attributed to arbitrary users via a crafted HTTP request. According to the CVE record, the vulnerability has a CVSS 3.1 base score ...
CVE-2024-5560
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request...
CVE-2024-5560
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request...
CVE-2024-37039
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request...
CVE-2024-37039
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request...
CVE-2024-37040
CWE-120: Buffer Copy without Checking Size of Input ‘Classic Buffer Overflow’ vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request...
CVE-2024-37037
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending a crafted HTTP request...
CVE-2024-37040
CVE-2024-37040 is associated with Schneider Electric Sage RTU devices. The vulnerability stems from a buffer copy without checking input size in the web interface, described as a classic Buffer Overflow (CWE-120). A malformed HTTP request could cause a fault in the device. Connected sources corro...
CVE-2024-37040
CWE-120: Buffer Copy without Checking Size of Input ‘Classic Buffer Overflow’ vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request...
CVE-2024-37039
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request...
CVE-2024-37039
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request...
CVE-2024-37039
CVE-2024-37039 affects Schneider Electric Sage RTU devices. The root cause is an unchecked return value (CWE-252) which could allow an attacker to cause a denial of service by sending specially crafted HTTP requests to the device’s web interface. In published references, the vulnerability is asso...
CVE-2024-37037
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending a crafted HTTP request...
CVE-2024-37037
CVE-2024-37037 concerns a path traversal vulnerability in Schneider Electric Sage RTU devices. The authenticated attacker, with access to the device web interface, can exploit an improper limitation of a pathname to a restricted directory via a crafted HTTP request to corrupt files and impact dev...
CVE-2024-5560
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request...
CVE-2024-5560
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request...