Cloud Foundry BOSH Director 安全漏洞

Cloud Foundry BOSH Director is a cloud infrastructure deployment and lifecycle management platform developed by the US Cloud Foundry company. There is a security vulnerability in Cloud Foundry BOSH Director. This vulnerability stems from the AgentClient failing to normalize the strings provided b...

PT-2026-5467

Port Forwarding Wizard 4.8.0 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code through a long request in the Register feature. Attackers can craft a malicious payload with an egg tag and overwrite SEH handlers to potentially execute shellcode on...

EUVD-2011-0549

Malware in sbrugna...

SUSE CVE-2022-29227

Envoy is a cloud-native high-performance edge/middle/service proxy. In versions prior to 1.22.1 if Envoy attempts to send an internal redirect of an HTTP request consisting of more than HTTP headers, there's a lifetime bug which can be triggered. If while replaying the request Envoy sends a local...

PT-2024-22791 · Unknown +2 · Riverline/Multipart-Parser +2

Name of the Vulnerable Software and Affected Versions: Bref versions prior to 2.1.17 Description: The issue arises when Bref is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface. During the conversion of a Lambda event to a PSR7 object, if the request is a...

SUSE CVE-2012-4557

The modproxyajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service worker consumption via an expensive request...

SUSE CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

CVE-2022-28994

Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request...

CVE-2021-22124

An uncontrolled resource consumption denial of service vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via...

PT-2022-20313 · Lighttpd +1 · Lighttpd +1

Name of the Vulnerable Software and Affected Versions: Lighttpd versions 1.4.56 through 1.4.58 Description: The issue allows a remote attacker to cause a denial of service due to CPU consumption from stuck connections. This is because a typo in the connection read header more function in...

UBUNTU-CVE-2016-5114

sapi/fpm/fpm/fpmlog.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read and buffer overflow via a long...

BRS WebWeaver 1.0 4 POST and HEAD Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7695/info When WebWeaver receives unusually long POST or HEAD requests, a denial of service condition may result. Restarting WebWeaver will allow normal operation to resume. This vulnerability was reported for WebWeaver...

Microsoft IIS 5 WebDAV PROPFIND and SEARCH Method Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7735/info Microsoft Internet Information Services has been reported vulnerable to a denial of service. When WebDAV receives excessively long requests to the 'PROPFIND' or 'SEARCH' variables, the IIS service will fail. All...

CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

Monkey HTTP Server <= 1.2.0 Host Header Buffer Overflow Vulnerability

Monkey HTTP Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2012-4557

The modproxyajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service worker consumption via an expensive request...

httpd: mod_proxy_ajp worker moved to error state when timeout exceeded

The modproxyajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service worker consumption via an expensive request...

httpd: mod_proxy_ajp worker moved to error state when timeout exceeded

The modproxyajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service worker consumption via an expensive request...