io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

CVE-2021-31641

An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sanitization when the HTTP 404 message is generated...

nscd: Null pointer crashes after notfound response

...

DEBIAN-CVE-2022-39348

Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and scri...

Eclipse Hawkbit Access Control Error Vulnerability

Eclipse hawkBit is a domain-independent backend framework from the Eclipse Foundation. It is used to roll out software updates to constrained edge devices. Eclipse Hawkbit has a security vulnerability in versions prior to 0.3.0M7 where the http404 not found JSON response body returned by restapi...

Eclipse hawkBit 跨站脚本漏洞

Eclipse hawkBit is a domain-independent backend framework from the Eclipse Foundation. It is used to roll out software updates to constrained edge devices. Eclipse Hawkbit has a security vulnerability in versions prior to 0.3.0M7 where the http404 not found JSON response body returned by restapi...

CVE-2020-14016

An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their account. However, the feature returns a notfound message when the provided username or email address does...

Atlassian Jira Information Disclosure Vulnerability (CNVD-2020-52848)

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira versions prior to 8.9.1 that stems from the program's various resources using ...