4 matches found

Citrix
added 2024/10/30 12:0 a.m., 6 views

Custom application fails to launch when the command line exceeds 203 characters

Custom application fails to launch when the command line exceeds 203 characters. Application appears to launch and then disappears...

7.2 AI score
Exploits: 0

Amazon
added 2024/05/28 12:0 a.m., 4 views

Medium: golang

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

7.5 CVSS, 6.6 AI score, 0.91969 EPSS
Exploits: 1

RedHat Linux
added 2019/08/06 2:16 p.m., 4 views

systemd: line splitting via fgets() allows for state injection during daemon-reexec

It was discovered that systemd is vulnerable to a state injection attack when deserializing the state of a service. Properties longer than LINE_MAX are not correctly parsed and an attacker may abuse this flaw in particularly configured services to inject, change, or corrupt the service state...

7.8 CVSS, 7.3 AI score, 0.02279 EPSS
Exploits: 4, References: 4

Hacker One
added 2018/05/12 11:16 a.m., 16 views

Greenhouse.io: Bypass of request line length limit to DoS via cache poisoning

Summary: This is a bypass of the fix that was introduced in response to report 334709. The bug in question was that it was possible to poison the cache of the generated JS file at https://boards.greenhouse.io/embed/jobboard/js?for=surveymonkey, by appending a URL-encoded NULL byte %00, followed by...

7.2 AI score
Exploits: 0