CVE-2022-30521

The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters...

Exodus: 2 Cache Poisoning Attack Methods Affect Core Functionality www.exodus.com

Summary: www.exodus.com hosts static js and css files on Server: cloudflare . Which is cached by cloudflare and passed to all other users accessing the source. I was able to impact the core functionality by using a custom HTTP. Here are 2 details of the Bug. Steps To Reproduce: 1. 501 Not...

http before 0.13.3 vulnerable to header injection

An issue was discovered in the http package before 0.13.3 for Dart. If the attacker controls the HTTP method and the app is using Request directly, it's possible to achieve CRLF injection in an HTTP request via HTTP header injection. This issue has been addressed in commit abb2bb182 by validating...

Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header

The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...

GHSA-HRFH-7J5F-8CCR Pivotal RabbitMQ is vulnerable to a denial of service attack

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be...

Uncontrolled Resource Consumption in Hawk

Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse Host HTTP...

CVE-2021-38944

IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system,...

Cross site scripting

IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system,...

CVE-2021-38944

IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system,...

CVE-2021-38944

CVE-2021-38944 affects IBM DataPower Gateway versions listed in the IBM and NVD records where an improper validation of input in the HOST header enables HTTP header injection. The vulnerability arises from inadequate HOST header validation, enabling attackers to perform cross-site scripting, cach...

Security Bulletin: IBM DataPower Gateway vulnerable to HTTP header injection

Summary IBM has addressed the CVE Vulnerability Details CVEID: CVE-2021-38944 DESCRIPTION: IBM DataPower Gateway is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable syste...

GHSA-RP8H-VR48-4J8P Apache Tomcat Exposes IP Addresses and HTTP Headers of Requests

Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by readin...

OpenStack Image Service (Glance) allows remote authenticated users to bypass access restrictions

OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/...

Django WSGI Header Spoofing Vulnerability

Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an underscore character instead of a - dash character in an HTTP header, as demonstrated by an X-AuthUser header...

ws-xmlrpc DoS Vulnerability

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...

GHSA-QFG7-WC25-R3J2 eGroupware Community Edition Stored XSS vulnerability

Stored XSS vulnerability in eGroupware Community Edition before 16.1.20170922 allows an unauthenticated remote attacker to inject JavaScript via the User-Agent HTTP header, which is mishandled during rendering by the application administrator...

eGroupware Community Edition Stored XSS vulnerability

Stored XSS vulnerability in eGroupware Community Edition before 16.1.20170922 allows an unauthenticated remote attacker to inject JavaScript via the User-Agent HTTP header, which is mishandled during rendering by the application administrator...

Apache Wicket vulnerable to CSRF attacks

Apache Wicket 6.x before 6.25.0, 7.x before 7.5.0, and 8.0.0-M1 provide a CSRF prevention measure that fails to discover some cross origin requests. The mitigation is to not only check the Origin HTTP header, but also take the Referer HTTP header into account when no Origin was provided...

CodeIgniter HTTP Header Injection

British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the setstatusheader common function under Apache resulting in HTTP Header Injection flaws...

GHSA-J9F9-8J39-4G97 CodeIgniter HTTP Header Injection

British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the setstatusheader common function under Apache resulting in HTTP Header Injection flaws...