Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

Summary Insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios where attackers have sufficient control over outbound headers. Details Outbound trilliumhttp::HeaderValue and trilliumhttp::HeaderName can be constructed infallibly a...

python-twisted: disordered HTTP pipeline response in twisted.web

Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, th...

Important: amazon-cloudwatch-agent

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

ASUS Armoury Crate Service Security Vulnerability

ASUS Armoury Crate Service is a software utility program from ASUS, China. It is designed to provide centralized control over supported ROG gaming products. A security vulnerability exists in ASUS Armoury Crate Service that originates from a vulnerability that could allow a remote attacker to...

Oracle Patch Update, January 2024 Security Update Review

Oracle has released its first quarterly edition of Critical Patch Update, which contains patches for 389 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in a wide range of product families, includin...

Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS)

An attacker with an HTTP/2 connection to an affected endpoint can send a steady stream of invalid frames to force the generation of reset frames on the victim endpoint. By closing their recv window, the attacker could then force these resets to be queued in an unbounded fashion, resulting in Out ...

The vulnerability of the Fortinet FortiPortal security analysis and management tool, related to access control deficiencies, allows attackers to escalate their privileges.

The vulnerability of the Fortinet FortiPortal security analysis and management tool is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges by sending specially crafted HTTP requests remotely...

DEBIAN-CVE-2024-22195

Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter can be abused t...

The vulnerability of FortiOS operating systems and FortiProxy proxy servers, which provide high accessibility, allows attackers to execute arbitrary code with elevated privileges.

The vulnerability of FortiOS operating systems and FortiProxy proxy servers, which are highly accessible, is related to errors in privilege management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges by sending specially crafted HTTP or...

The vulnerability in the implementation of the SMTP protocol on email servers allows attackers to circumvent the SPF security policy and send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the SMTP protocol implementation in email servers is related to the lack of checks for the integrity of messages during the processing of the . sequence. Exploiting this vulnerability allows a malicious actor to bypass the SPF security policy and send hidden HTTP requests HTT...

OESA-2024-1014 python-twisted security update

Twisted is an event-based framework for internet applications, supporting Python 2.7 and Python 3.5+. It includes modules for many different purposes, including the following: Security Fixes: Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending...

SUSE CVE-2024-0222

Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

PT-2024-19198

Name of the Vulnerable Software and Affected Versions Pico HTTP Server in C through f3b69a6 Description The issue is related to a stack-based buffer overflow in the route function within main.c, caused by a long URI. This can lead to remote code execution. Recommendations For Pico HTTP Server in ...

squid: Buffer over-read in the HTTP Message processing feature

A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...

DEBIAN-CVE-2024-0207

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...

CVE-2023-52262

outdoorbits little-backup-box aka Little Backup Box before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input...

Wrangler Code Issue Vulnerability

Cloudflare Wrangler is a repository from Cloudflare, Inc. A security vulnerability exists in Wrangler versions prior to 3.19.0, which stems from the fact that sending specially crafted HTTP requests may result in arbitrary HTTP and WebSocket requests being sent from the server, which could allow ...

The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or trigger service interruptions.

The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge stems from the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a service denial using a specially crafted malicious...

CVE-2023-48115

SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request...

SUSE CVE-2022-4955

Inappropriate implementation in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...