Lucene search
K

404 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:10 p.m.7 views

CVE-2021-21492

SAP NetWeaver Application Server JavaHTTP Service, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled...

4.3CVSS6.8AI score0.00561EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:18 a.m.4 views

CVE-2019-5504

ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions...

9.8CVSS7.2AI score0.01973EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:52 a.m.8 views

CVE-2017-9139

There is a stack-based buffer overflow on some Tenda routers FH1202/F1202/F1200: versions before 1.2.0.20. Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service used to login to the web UI of a router for 1 to 2 seconds...

3.5CVSS7.4AI score0.00373EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:17 p.m.10 views

CVE-2007-5560

Heap-based buffer overflow in the Juniper HTTP Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being...

10CVSS8.5AI score0.04258EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.8 views

Do Not Install the HTTP Service

HyperText Transfer Protocol HTTP is a simple request-response protocol and usually runs over TCP. It specifies what messages the client may send to the server and what responses the client receives. Request and response messages include headers in ASCII, and the message content often uses a...

7AI score
Exploits0References3
OpenVAS
OpenVAS
added 2025/04/25 12:0 a.m.5 views

Postorius Detection (HTTP)

HTTP based detection of Postorius. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.154376";...

7.4AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/14 9:34 a.m.11 views

CVE-2022-32502

An issue was discovered on certain Nuki Home Solutions devices. There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2...

6.3CVSS7.5AI score0.0131EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:41 p.m.4 views

CVE-2024-22044

A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet 3KC9000-8TL75 All versions. Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet. This could allow an attacker on the same Modbus network to create a denial of service...

7.5CVSS7.4AI score0.00523EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.309 views

VMWare Web Login Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Web Login Scanner', 'Description' = 'This module attempts to authenticate to the VMWare HTTP service for VmWare Server, ESX, and ESXI',...

7.2AI score0.53618EPSS
Exploits41
Cvelist
Cvelist
added 2024/06/11 2:8 a.m.31 views

CVE-2024-34683 Unrestricted file upload in SAP Document Builder (HTTP service)

An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser...

6.5CVSS0.00241EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/10 12:0 a.m.11 views

PT-2024-9689 · D Link · D-Link Dap-2555

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2555 version REVA FIRMWARE 1.20 Description: A buffer overflow vulnerability in the D-Link DAP-2555 allows remote attackers to cause a Denial of Service DoS via a crafted HTTP request. The issue is related to the /sbin/httpd file a...

6.5CVSS7.5AI score0.00517EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiative
added 2024/05/24 12:0 a.m.16 views

(0Day) D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from...

8.8CVSS7.5AI score0.01966EPSS
Exploits0References1
NVD
NVD
added 2024/05/23 10:15 p.m.34 views

CVE-2024-5295

D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw...

8.8CVSS9.2AI score0.01966EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/23 9:29 p.m.15 views

CVE-2024-5295 D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability

D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw...

8.8CVSS8AI score0.01966EPSS
Exploits0References1
CVE
CVE
added 2024/05/23 9:29 p.m.106 views

CVE-2024-5295

CVE-2024-5295 affects the D-Link G416 wireless router. The flaw is a command injection in the HTTP service on TCP port 80, caused by improper validation of a user-supplied string before it is used to execute a system call. This allows network-adjacent attackers to execute arbitrary code with root...

8.8CVSS9.2AI score0.01966EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/05/14 10:43 a.m.9 views

CVE-2022-32502

An issue was discovered on certain Nuki Home Solutions devices. There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2...

6.3CVSS7.9AI score0.0131EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/09 7:37 p.m.13 views

CVE-2022-32502

An issue was discovered on certain Nuki Home Solutions devices. There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2...

8.2AI score0.0161EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/09 7:37 p.m.7 views

CVE-2022-32502

An issue was discovered on certain Nuki Home Solutions devices. There is a buffer overflow over the encrypted token parsing logic in the HTTP service that allows remote code execution. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2...

8.3AI score0.0161EPSS
Exploits0References4
CVE
CVE
added 2024/05/09 7:37 p.m.61 views

CVE-2022-32502

The CVE-2022-32502 entry describes a buffer overflow in the HTTP service token parsing on certain Nuki Bridge devices, enabling remote code execution. Affected: Nuki Bridge v1 prior to 1.22.0 and v2 prior to 2.13.2. The provided documents specify the vulnerability type and impacted versions but d...

6.3CVSS8.2AI score0.0161EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.2 views

CVE-2023-50215

D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS7.7AI score0.00946EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder