EUVD-2019-2437

Malware in sbrugna...

Important: python-waitress

Issue Overview: Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recvbytes defaults to 8192 long, followed by a secondary request using HTTP pipelining. When request lookahead is disabled default we won't read any more...

Exploit for Improper Input Validation in Cacti

CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26 Fully auto...

SUSE CVE-2014-4650

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...

PT-2022-20460 · Pypi · Waitress

Name of the Vulnerable Software and Affected Versions: Waitress versions 2.1.0 through 2.1.1 Description: Waitress is a Web Server Gateway Interface server for Python 2 and 3. The issue arises when a thread closes a socket while the main thread is about to call select, leading to the main thread...

Waitress denial of service vulnerability

Waitress is a WSGI Web Server Gateway Interface server for Python. A denial of service vulnerability exists in Waitress, which can be exploited to cause a denial of service by sending specially designed headers containing invalid characters that consume all available CPU resources...

Waitress Environmental Vulnerability (CNVD-2020-01313)

Waitress is a WSGI Web Server Gateway Interface server for Python. An environmental issue vulnerability exists in Waitress 1.3.1 and earlier versions. The vulnerability stems from an unreasonable environmental factor in a networked system or product. No detailed vulnerability details are provided...

Waitress Environmental Vulnerabilities (CNVD-2020-01314)

Waitress is a WSGI Web Server Gateway Interface server for Python. An environmental issue vulnerability exists in Waitress 1.3.1 and earlier versions. The vulnerability stems from an unreasonable environmental factor in a networked system or product. No detailed vulnerability details are provided...

CVE-2019-10633

An eval injection vulnerability in the Python web server routing on the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to execute arbitrary code via the tjp6jp6y4, simZysh, and ck6fup6 APIs...

Apple Mac OS X Server Wiki服务器目录遍历漏洞

BUGTRAQ ID: 28278 CVECAN ID: CVE-2008-1000 Mac OS X Server也被称为Leopard Server，是苹果发布的集成了多种功能的服务器。 MacOS X Server中默认启用的python Web服务器Wiki Server受目录遍历攻击的影响，远程攻击者可能利用此漏洞控制服务器。 可以编辑wiki内容的用户可以上传文件替换wiki服务器可写入的内容，导致以wiki服务器的权限执行任意代码。以下是/usr/share/wikid/lib/python/applewlt/ContentServer.py文件中有漏洞的代码段：...

CORE-2008-0123: Leopard Server Remote Path Traversal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Leopard Server Remote Path Traversal Advisory Information Title: Leopard Server Remote Path Traversal Advisory ID: CORE-2008-0123 Advisory URL:...

Leopard Server Remote Path Traversal

Advisory ID Internal CORE-2008-0123 Advisory Information Title: Leopard Server Remote Path Traversal Advisory ID: CORE-2008-0123 Date published: 2008-03-18 Date of last update: 2008-03-18 Vendors contacted: Apple Inc. Release mode: Coordinated release Vulnerability Information Class: Remote Path...