[SECURITY] Fedora 40 Update: libre-3.10.0-1.fc40

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...

Hypermedia and Browser Enhancement

Front end development these days is dominated by large JavaScript client side frameworks. There are plenty of good reasons for that, but it can be very inefficient for many use cases, and the framework engineering has become extremely complex. In this article, I want to explore a different...

Fedora: Security Advisory for brazil (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-21571

CVE-2021-21571 concerns the Dell BIOSConnect/HTTPS Boot stack in Dell UEFI BIOS. The vulnerability is due to improper certificate validation in the BIOSConnect HTTPS path, enabling a MITM attacker to remotely deliver content and potentially cause denial of service and payload tampering. Affected ...

Get patching! Wormable Windows flaw headlines Patch Tuesday

It looks like patching a wormable Remote Code Execution RCE bug in the HTTP stack of Windows 10 and Windows Server is likely to be top of most sysadmins todo lists after reading Mays Patch Tuesday updates. The monthly bug bonanza also features three other critical items among its 55 patches...

Micrium uC-HTTP Code Issue Vulnerability

Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A code issue vulnerability exists in Micrium uC-HTTP versi...

ProCaster LE-32F430 GStreamer souphttpsrc libsoup/2.51.3 Stack Overflow Exploit

ProCaster LE-32F430 SmartTV remote code execution exploit that leverages a stack overflow vulnerability in GStreamer souphttpsrc libsoup version 2.51.3. !/bin/sh ProCaster LE-32F430 NotSoSmartTV remote code execution exploit through GStreamer souphttpsrc libsoup/2.51.3 HTTP stack overflow...

ProCaster LE-32F430 GStreamer souphttpsrc libsoup/2.51.3 Stack Overflow

!/bin/sh ProCaster LE-32F430 NotSoSmartTV remote code execution exploit through GStreamer souphttpsrc libsoup/2.51.3 HTTP stack overflow CVE-2017-2885 def 2020-02-15 ................. 850day exploit lol Exploit payload: ret2libc system nc reverse shell with a clean exit CMD="$CMD:-/bin/busybox nc...

Microsoft Windows: Service: WinHTTP Web Proxy Auto-Discovery Service

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winhttpwebproxyautodiscovery.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for WinHTTP Web Proxy Auto-Discovery Service WinHttpAutoProxySvc Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Novell eDirectory Security Bypass Vulnerability

Novell eDirectory is an identity management infrastructure platform that combines identity management architecture and directory services technology from Novell, USA. The platform provides authentication policies, data backup and recovery services, data disaster recovery and other functions. A...

CVE-2016-5747

The CVE-2016-5747 entry concerns Novell eDirectory’s NDSD HTTP stack cookie handling, where predictable cookies enable remote bypass of access restrictions prior to version 9.0.1. Multiple sources (NVD, CNVD, OpenVAS) confirm the vulnerability in the cookie-based auth flow, affecting eDirectory b...

MS15-034: Vulnerability in HTTP.sys could allow remote code execution: April 14, 2015

MS15-034: Vulnerability in HTTP.sys could allow remote code execution: April 14, 2015 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system...

InterSystems Cache HTTP Stack Buffer Overflow

Added: 11/13/2009 Background InterSystems Cache is a high-performance object database that also enables rapid Web application development. Problem Intersystems Cache is vulnerable to a HTTP stack buffer overflow as a result of a specially crafted parameter to the UtilConfigHome.csp page. Resoluti...

InterSystems Cache HTTP Stack Buffer Overflow

Added: 11/13/2009 Background InterSystems Cache is a high-performance object database that also enables rapid Web application development. Problem Intersystems Cache is vulnerable to a HTTP stack buffer overflow as a result of a specially crafted parameter to the UtilConfigHome.csp page. Resoluti...

InterSystems Cache HTTP Stack Buffer Overflow

Added: 11/13/2009 Background InterSystems Cache is a high-performance object database that also enables rapid Web application development. Problem Intersystems Cache is vulnerable to a HTTP stack buffer overflow as a result of a specially crafted parameter to the UtilConfigHome.csp page. Resoluti...

CVE-2008-0925

Cross-site scripting XSS vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within "error messages of the HTTP stack."...

Novell Netware 6.0 eDirectory 8.7 - HTTPSTK.NLM Remote Abend

Novell Netware 6.0 eDirectory 8.7 - HTTPSTK.NLM Remote Abend source: https://www.securityfocus.com/bid/7841/info It has been reported that the HTTP Stack distributed with Novell Netware and eDirectory does not properly handle some types of malformed packets. Because of this, an attacker may be ab...