Lucene search
K

173 matches found

NVD
NVD
added 2023/07/18 3:15 a.m.24 views

CVE-2023-38434

xHTTP 72f812d has a double free in closeconnection in xhttp.c via a malformed HTTP request method...

7.5CVSS0.009EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/07/18 12:0 a.m.30 views

CVE-2023-38434

xHTTP 72f812d has a double free in closeconnection in xhttp.c via a malformed HTTP request method...

7.8AI score0.009EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/07/11 9:7 a.m.31 views

CVE-2022-29562

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

3.7CVSS5.5AI score0.00564EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2023/04/10 12:0 a.m.374 views

Tenda N300 F3 12.01.01.48 Header Processing

!/usr/bin/python3 Exploit Title: Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Shodan Dork: http.favicon.hash:-2145085239 http.title:"Tenda | LOGIN" Date: 09/03/2023 Exploit Author: @h454nsec Github: https://github.com/H454NSec/CVE-2020-35391 Vendor Homepage:...

9.6CVSS6.5AI score0.35005EPSS
Exploits4
OSV
OSV
added 2023/03/01 8:15 a.m.5 views

CVE-2022-20952

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked...

5.3CVSS5.8AI score0.00678EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.6 views

SUSE CVE-2011-3348

The modproxyajp module in the Apache HTTP Server before 2.2.21, when used with modproxybalancer in certain configurations, allows remote attackers to cause a denial of service temporary "error state" in the backend server via a malformed HTTP request...

4.3CVSS6.8AI score0.2238EPSS
Exploits3References4
NVD
NVD
added 2022/11/02 12:15 p.m.24 views

CVE-2022-38381

An improper handling of malformed request vulnerability CWE-228 exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. This may allow a remote attacker without privileges to bypass some Web Application Firewall WAF protection suc...

9.8CVSS0.00679EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/09 11:15 p.m.6 views

CVE-2022-24321

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause Denial of Service against the Geo SCADA server when receiving a malformed HTTP request. Affected Product: ClearSCADA All Versions, EcoStruxure Geo SCADA Expert 2019 All Versions, EcoStruxure Geo...

7.5CVSS7.1AI score0.00999EPSS
Exploits0References2
OSV
OSV
added 2022/02/07 2:15 p.m.19 views

CVE-2021-46389

IIPImage High Resolution Streaming Image Server prior to commit 882925b295a80ec992063deffc2a3b0d803c3195 is affected by an integer overflow in iipsrv.fcgi through malformed HTTP query parameters...

7.5CVSS7.3AI score
Exploits0References2
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

FileBrowser 跨站请求伪造漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser suffers from a cross-site request forgery vulnerability, which is caused by improper validation of...

8.8CVSS6.4AI score0.06663EPSS
Exploits6References9
Packet Storm
Packet Storm
added 2021/09/14 12:0 a.m.263 views

Ulfius Web Framework Remote Memory Corruption

!/usr/bin/python3 guul.py Ulfius Web Framework Remote Memory Corruption Vulnerability Jeremy Brown Sept 2021 Intro Ulfius Web Framework is used by a number of different projects to build web services. Some of the projects tested and confirmed vulnerable are Glewlwyd SSO Server, Taliesin Audio...

7.5CVSS0.3AI score0.02628EPSS
Exploits3
OSV
OSV
added 2021/09/07 2:15 a.m.20 views

CVE-2021-40540

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

9.8CVSS6.8AI score0.02628EPSS
Exploits3References3
Prion
Prion
added 2021/09/07 2:15 a.m.14 views

Design/Logic Flaw

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

7.5CVSS9.4AI score0.02628EPSS
Exploits3References3Affected Software1
Prion
Prion
added 2021/08/19 11:15 a.m.21 views

Heap overflow

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...

5CVSS8.8AI score0.01675EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/04/22 7:37 p.m.33 views

CVE-2021-0251 Junos OS: MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC: The BRAS Subscriber Services service activation portal is vulnerable to a Denial of Service (DoS) via malformed HTTP packets

A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery CPCD services daemon cpcd of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an attacker to send malformed HTTP packets to the device thereby causing a Denial of Service DoS,...

8.6CVSS8.6AI score0.01064EPSS
Exploits0References1
OSV
OSV
added 2020/06/18 3:15 a.m.4 views

CVE-2020-3244

A vulnerability in the Enhanced Charging Service ECS functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of...

5.3CVSS6.1AI score0.01011EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/05/05 12:0 a.m.66 views

RHEL 7 / 8 : OpenShift Container Platform 4.4.3 haproxy (RHSA-2020:1936)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1936 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8CVSS7.1AI score0.60727EPSS
Exploits1References9
NVD
NVD
added 2020/03/10 8:15 p.m.26 views

CVE-2019-19298

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions = V5.0.0 V5.0.2. The streaming service default port 5410/tcp of the SiVMS/SiNVR Video Server contains a input validation vulnerability, that could allow an unauthenticated remote attacker to cause a Denial-of-Service...

7.5CVSS7.6AI score0.01864EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/03/10 12:0 a.m.10 views

PT-2020-2348 · Siemens · Sinvr/Sivms Video Server

Name of the Vulnerable Software and Affected Versions: SiNVR/SiVMS Video Server versions prior to V5.0.0 SiNVR/SiVMS Video Server versions V5.0.0 through V5.0.1 Description: A vulnerability has been identified in the streaming service of the SiVMS/SiNVR Video Server, which contains an input...

7.8CVSS7.5AI score0.01864EPSS
Exploits0References3
OSV
OSV
added 2019/11/20 4:15 p.m.8 views

CVE-2011-0529

Weborf before 0.12.5 is affected by a Denial of Service DOS due to malformed fields in HTTP...

7.5CVSS6.7AI score0.01309EPSS
Exploits1References4
Rows per page
Query Builder