5 matches found
SUSE CVE-2026-6324
A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...
Ubuntu 16.04 ESM : HTTP-Daemon vulnerability (USN-5520-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5520-2 advisory. USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted th...
Input validation
The DNS Resolver Cache Service aka DNSCache in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not reuse cached DNS responses in all applicable situations, which makes it easier for remote attackers to predict...
CVE-2009-0233
CVE-2009-0233 is the DNS Resolver Cache Service (DNSCache) vulnerability in Windows DNS Server. When dynamic updates are enabled, the server may fail to reuse cached DNS responses in all scenarios, enabling remote attackers to predict transaction IDs and poison caches by sending crafted DNS queri...
Crlf injection
CRLF injection vulnerability in inc/function.php in MyBulletinBoard MyBB 1.04 allows remote attackers to conduct cross-site scripting XSS, poison caches, or hijack pages via CRLF %0A%0D sequences in the Referrer HTTP header field, possibly when redirecting to other web pages...