CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5781 matches found

SUSE CVE•added 2023/02/15 3:37 a.m.•3 views

SUSE CVE-2021-41524

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project...

7.5CVSS9AI score0.24982EPSS

Exploits0References3

BDU FSTEC•added 2023/02/15 12:0 a.m.•3 views

The vulnerability in the httpd-demon of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the httpd daemon in the microprogramming-based routing software of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 is related to buffer overflows during packet processing. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service...

9CVSS8.7AI score0.01781EPSS

Exploits0References4Affected Software2

BDU FSTEC•added 2023/02/15 12:0 a.m.•4 views

The vulnerability in the strcmp() function of the httpd daemon of the microprogrammed router software for TP-Link Archer C5 version 2 and TP-Link WR710N version 1 allows a hacker to gain unauthorized access to protected information.

The vulnerability of the strcmp function in the httpd daemon of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 is related to the creation of a secondary synchronization channel due to time differences. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

6.4CVSS7.5AI score0.00709EPSS

Exploits0References4Affected Software2

CBLMariner•added 2023/02/14 8:36 p.m.•16 views

CVE-2022-37436 affecting package httpd for versions less than 2.4.55-1

CVE-2022-37436 affecting package httpd for versions less than 2.4.55-1. An upgraded version of the package is available that resolves this issue...

5.3CVSS7.8AI score0.57941EPSS

Exploits0

CBLMariner•added 2023/02/14 8:36 p.m.•23 views

CVE-2022-36760 affecting package httpd for versions less than 2.4.55-1

CVE-2022-36760 affecting package httpd for versions less than 2.4.55-1. An upgraded version of the package is available that resolves this issue...

9CVSS9.5AI score0.01879EPSS

Exploits0

CBLMariner•added 2023/02/14 2:35 a.m.•18 views

CVE-2022-37436 affecting package httpd 2.4.54-1

CVE-2022-37436 affecting package httpd 2.4.54-1. An upgraded version of the package is available that resolves this issue...

5.3CVSS9.8AI score0.57941EPSS

Exploits0

CBLMariner•added 2023/02/14 2:35 a.m.•29 views

CVE-2022-36760 affecting package httpd 2.4.54-1

CVE-2022-36760 affecting package httpd 2.4.54-1. An upgraded version of the package is available that resolves this issue...

9CVSS9.8AI score0.01879EPSS

Exploits0

Cvelist•added 2023/02/11 5:0 p.m.•17 views

CVE-2023-0782 Tenda AC23 httpd formGetSysToolDDNS out-of-bounds write

A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed t...

8.3CVSS9.7AI score0.01473EPSS

Exploits1References3

Positive Technologies•added 2023/02/11 12:0 a.m.•3 views

PT-2023-7624 · Tenda · Tenda Ac23

Name of the Vulnerable Software and Affected Versions: Tenda AC23 version 16.03.07.45 Description: The issue is related to a stack-based buffer overflow in the formSetSysToolDDNS/formGetSysToolDDNS function of the /bin/httpd file. This can be exploited by a remote attacker to cause a denial of...

10CVSS7.3AI score0.01473EPSS

Exploits1References7

OpenVAS•added 2023/02/03 12:0 a.m.•38 views

Fedora: Security Advisory for httpd (FEDORA-2023-6d4055d482)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9CVSS7.7AI score0.01879EPSS

Exploits0References2

NVD•added 2023/02/01 5:15 p.m.•14 views

CVE-2023-0617

A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has been classified as critical. This affects an unknown part of the file /wireless/guestnetwork.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has bee...

7.8CVSS7.7AI score0.00999EPSS

Exploits1References2

Prion•added 2023/02/01 5:15 p.m.•13 views

Buffer overflow

7.8CVSS7.7AI score0.00999EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/02/01 4:45 p.m.•18 views

CVE-2023-0617 TRENDNet TEW-811DRU httpd guestnetwork.asp buffer overflow

7.8CVSS7.9AI score0.00999EPSS

Exploits1References2

CVE•added 2023/02/01 4:45 p.m.•48 views

CVE-2023-0617

CVE-2023-0617 affects TRENDNet TEW-811DRU v1.0.10.0. The vulnerability resides in the httpd component, specifically the /wireless/guestnetwork.asp file, where manipulation leads to a buffer overflow. It supports remote initiation and has publicly disclosed exploit information. The CVSS data in so...

7.8CVSS7.7AI score0.00999EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/02/01 1:40 p.m.•24 views

CVE-2023-0613 TRENDnet TEW-811DRU httpd security.asp memory corruption

A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The...

7.8CVSS7.8AI score0.00933EPSS

Exploits1References2

Cvelist•added 2023/02/01 1:31 p.m.•14 views

CVE-2023-0612 TRENDnet TEW-811DRU httpd basic.asp buffer overflow

A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. Affected is an unknown function of the file /wireless/basic.asp of the component httpd. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been...

7.8CVSS7.9AI score0.00855EPSS

Exploits0References2

CVE•added 2023/02/01 1:31 p.m.•39 views

CVE-2023-0612

The CVE-2023-0612 entry concerns TRENDnet TEW-811DRU (version 1.0.10.0) with a vulnerability in the httpd component, specifically an unknown-function in /wireless/basic.asp. The underlying issue is a buffer overflow that can be triggered remotely, making it a network-exposed issue. According to t...

7.8CVSS7.8AI score0.00855EPSS

Exploits0References2Affected Software1

CNNVD•added 2023/02/01 12:0 a.m.•5 views

TRENDnet TEW-811DRU 安全漏洞

The TRENDnet TEW-811DRU is a wireless router from TRENDnet. A security vulnerability exists in the TRENDnet TEW-811DRU version 1.0.10.0, which originates from a buffer overflow due to an unknown section in the wireless/guestnetwork.asp file of the component httpd...

7.8CVSS7.6AI score0.00999EPSS

Exploits1References3

CNNVD•added 2023/02/01 12:0 a.m.•3 views

TRENDnet TEW-811DRU 缓冲区错误漏洞

The TRENDnet TEW-811DRU is a wireless router from Trendnet, Inc. A buffer error vulnerability exists in the TRENDnet TEW-811DRU version 1.0.10.0, which originates from an unknown function in the file /wireless/security.asp of the component httpd, resulting in memory corruption...

7.8CVSS7.4AI score0.00933EPSS

Exploits1References3