The vulnerability of the http_header_value function (ext/standard/http_fopen_wrapper.c) in the PHP programming language allows a attacker to cause a service failure.

The vulnerability of the httpheadervalue function ext/standard/httpfopenwrapper.c in the PHP programming language is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause service failures remotely...

CLSA-2022-1650377152 Fix CVE(s): CVE-2020-11724

SECURITY UPDATE: HTTP request smuggling in Lua module - debian/modules/nginx-lua: Fix parsing HTTP headers in the ngx.location.capture API porting an upstream patch 9ab38e8ee35fc08a57636b1b6190dca70b0076fa from https://github.com/openresty/lua-nginx-module - CVE-2020-11724...

Design/Logic Flaw

A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...

Ubuntu 16.04 ESM : Django vulnerabilities (USN-5373-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5373-2 advisory. USN-5373-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

Ubuntu 18.04 LTS / 20.04 LTS : Django vulnerabilities (USN-5373-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5373-1 advisory. It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A...

PT-2022-7650 · Puma +11 · Puma +11

Name of the Vulnerable Software and Affected Versions: Puma versions prior to 4.3.12 Puma versions prior to 5.6.4 Description: The issue is related to the handling of HTTP requests in Puma, a server for Ruby/Rack applications. When Puma is used behind a proxy that does not properly validate...

CVE-2022-22344

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

Cross site scripting

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

CVE-2022-22344

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

PT-2022-15376 · Ibm · Ibm Spectrum Copy Data Management

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Copy Data Management versions 2.2.0.0 through 2.2.14.3 Description: The issue is caused by improper validation of input by the HOST headers, leading to HTTP header injection. This could allow an attacker to conduct various attack...

Security Bulletin: IBM Spectrum Copy Data Management is vulnerable to Slowloris, HTTP header injection, XSS, and CSRF (CVE-2022-22354, CVE-2022-22344, CVE-2021-39055, CVE-2021-39051)

Summary IBM Spectrum Copy Data Management is vulnerable to Slowloris HTTP denial of service, HTTP header injection, cross-site scripting XSS, and server-side request forgery CSRF attacks. Vulnerability Details CVEID: CVE-2022-22354 DESCRIPTION: IBM Spectrum Protect Plus and IBM Spectrum Copy Data...

HTTP Header Injection

stanford-corenlp is vulnerable to HTTP header injection. The addResults function of NERServlet.java does not properly validate the data in an HTTP response, allowing an attacker to inject malicious headers in requests...

Jatayu - Stealthy Stand Alone PHP Web Shell

JATAYU Stealthy Stand Alone PHP Web Shell FEATURES Http Header Based Authentication. 100% Undetectable. Exec Function Changer. Nothing Fancy USAGE GET /test/jatayu.php?fn=1&&cmd=whoami Host : http://test.com Authtoken : bb3b1a1f-0447-42a6-955a-88681fb88499 FUNCTIONS PARAMETER | FUNCTION ---|---...

VulnCheck KEV: CVE-2018-1303

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is...

ruby: HTTP response splitting in WEBrick

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients...

Auto Spare Parts Management 1.0 SQL Injection

Title: Auto-Spare-Parts-Management v1.0 remote SQL-Injections Author: nu11secur1ty Date: 02.19.2022 Vendor: https://github.com/pavanpatil45 Software: https://github.com/pavanpatil45/Auto-Spare-Parts-Management Description: The Referer HTTP header on Auto-Spare-Parts-Management v1.0 system appears...

CVE-2022-24112

An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...

GHSA-RVPC-W57P-Q95F HTTP Response Splitting in WSO2 transport-http

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled...

Upload of file to arbitrary path in Apache Flink

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

Authorization

An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header...