
161 matches found

Tenable Nessus
added 2018/11/02 12:0 a.m. · 30 views

F5 Networks BIG-IP : TMM vulnerability (K64208870)

Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default 'normalize URI' configuration options used in iRules and/or BIG-IP LTM policies. CVE-2018-15319 Impact An attacker may be able to disrupt traffic or cause the...

7.8 CVSS · 7.2 AI score · 0.00588 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2018/11/02 12:0 a.m. · 37 views

F5 Networks BIG-IP : TMM vulnerability (K34514540)

Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default 'normalize URI' configuration options used in iRules and/or BIG-IP LTM policies...

7.5 CVSS · 7.2 AI score · 0.00662 EPSS
Exploits 0 · References 2

OSV
added 2018/10/31 2:29 p.m. · 2 views

CVE-2018-15319

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies...

7.5 CVSS · 5.8 AI score · 0.00588 EPSS
Exploits 0 · References 2

RedHat Linux
added 2018/02/21 2:26 p.m. · 1 views

rubygem-rack: Potential Denial of Service Vulnerability in Rack normalize_params()

A flaw was found in a way Rack processed parameters of incoming requests. An attacker could use this flaw to send a crafted request that would cause an application using Rack to crash...

5 CVSS · 6.6 AI score · 0.13251 EPSS
Exploits 0 · References 4

0day.today
added 2017/09/13 12:0 a.m. · 43 views

Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit

Exploit for windows platform in category remote exploits require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal vulnerability found in Trend Micro...

6.7 AI score
Exploits 0

OSV
added 2017/03/07 9:59 p.m. · 4 views

CVE-2016-9245

In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" configuration options used in...

5.9 CVSS · 5.8 AI score
Exploits 0 · References 3

Prion
added 2017/03/07 9:59 p.m. · 19 views

Information disclosure

In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" configuration options used in...

4.3 CVSS · 6.8 AI score · 0.00655 EPSS
Exploits 0 · References 3 · Affected Software 10

RedHat Linux
added 2016/08/09 5:1 a.m. · 2 views

chromium-browser: Use-after-free in Blink

The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code,...

9.8 CVSS · 7.5 AI score · 0.02836 EPSS
Exploits 0 · References 5

OSV
added 2016/08/07 12:0 a.m. · 0 views

UBUNTU-CVE-2016-5142

The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code,...

9.8 CVSS · 7.4 AI score · 0.02836 EPSS
Exploits 0 · References 4

RedHat Linux
added 2015/11/19 4:43 a.m. · 0 views

rubygem-rack: Potential Denial of Service Vulnerability in Rack normalize_params()

A flaw was found in a way Rack processed parameters of incoming requests. An attacker could use this flaw to send a crafted request that would cause an application using Rack to crash...

5 CVSS · 6.6 AI score · 0.13251 EPSS
Exploits 0 · References 4

CNVD
added 2015/06/26 12:0 a.m. · 1 views

Rack 'normalize_params()' function denial of service vulnerability

Rack is a Ruby Web server interface that unifies APIs for Web servers, Web frameworks, and middleware, and supports calling them using a single method. A security vulnerability in the Rack 'normalize_params' function allows remote attackers to conduct denial-of-service attacks that can be exploite...

5 CVSS · 6.9 AI score · 0.13251 EPSS
Exploits 0 · References 1

seebug.org
added 2014/07/01 12:0 a.m. · 58 views

Webkit Normalize Bug - Android 2.2

No description provided by source. !-- CVE-2010-1759 webkit normalize bug Tested on Moto Droidx2 running 2.2. Droidx2 running 2.3 is vulnerable but exploit fails due to non-executable heap. Still working on a way around that : 2.1 - 2.3 emulator. The changes needed are documented in the code. The...

9.3 CVSS · 8.8 AI score · 0.44078 EPSS
Exploits 6

OpenVAS
added 2013/08/01 12:0 a.m. · 13 views

Fedora Update for nodejs-normalize-package-data FEDORA-2013-11780

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3 CVSS · 6.8 AI score · 0.00104 EPSS
Exploits 0 · References 2

OpenVAS
added 2013/08/01 12:0 a.m. · 15 views

Fedora Update for nodejs-normalize-package-data FEDORA-2013-11780

Check for the Version of nodejs-normalize-package-data OpenVAS Vulnerability Test Fedora Update for nodejs-normalize-package-data FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

3.3 CVSS · 6.7 AI score · 0.00104 EPSS
Exploits 0 · References 2

Fedora
added 2013/07/23 1:2 a.m. · 14 views

[SECURITY] Fedora 18 Update: nodejs-normalize-package-data-0.2.0-1.fc18

normalize-package-data exports a function that normalizes package metadata. This data is typically found in a package.json file, but in principle could come from any source - for example the npm registry. normalize-package-data is used by read-package-json to normalize the data it reads from a...

3.3 CVSS · 0.6 AI score · 0.00104 EPSS
Exploits 0

seebug.org
added 2012/02/14 12:0 a.m. · 37 views

Webkit normalize bug for android 2.2 (CVE-2010-1759)

No description provided by source. !-- CVE-2010-1759 webkit normalize bug Tested on Moto Droidx2 running 2.2. Droidx2 running 2.3 is vulnerable but exploit fails due to non-executable heap. Still working on a way around that : 2.1 - 2.3 emulator. The changes needed are documented in the code. The...

9.3 CVSS · 8.8 AI score · 0.44078 EPSS
Exploits 6

Packet Storm
added 2012/02/02 12:0 a.m. · 45 views

Android 2.2 Webkit Normalize

LOADING... var elem1 = document.getElementById"test1"; var elem2 = document.getElementById"test2"; var elem3 = document.getElementById"test3"; function spray for var i = 0; i 180000; i++ var s = new Stringunescape"\u0052\u0052"; // "\u0056\u0056" FOR EMULATOR var scode = unescape"\u5200\u5200"; /...

9.3 CVSS · 0.4 AI score · 0.44078 EPSS
Exploits 6

0day.today
added 2012/02/01 12:0 a.m. · 46 views

Webkit normalize bug for android 2.2 (CVE-2010-1759)

Exploit for Android platform in category remote exploits LOADING... var elem1 = document.getElementById"test1"; var elem2 = document.getElementById"test2"; var elem3 = document.getElementById"test3"; function spray for var i = 0; i 180000; i++ var s = new Stringunescape"\u0052\u0052"; //...

7.1 AI score · 0.44078 EPSS
Exploits 6

exploitpack
added 2012/02/01 12:0 a.m. · 30 views

Webkit Normalize Bug - Android 2.2

Webkit Normalize Bug - Android 2.2 LOADING... var elem1 = document.getElementById"test1"; var elem2 = document.getElementById"test2"; var elem3 = document.getElementById"test3"; function spray for var i = 0; i 180000; i++ var s = new Stringunescape"\u0052\u0052"; // "\u0056\u0056" FOR EMULATOR va...

9.3 CVSS · 0.5 AI score · 0.44078 EPSS
Exploits 6

Positive Technologies
added 2011/10/27 12:0 a.m. · 1 views

PT-2011-1193 · Openldap · Openldap

Name of the Vulnerable Software and Affected Versions: OpenLDAP versions 2.4.26 and earlier. Description: The issue is related to an off-by-one error in the UTF8StringNormalize function, which can be exploited by remote attackers to cause a denial of service (slapd crash) via a zero-length string...

6.8 CVSS · 6.7 AI score · 0.06754 EPSS
Exploits 0 · References 14