
16 matches found

NVD
added 2026/04/24 12:17 p.m., 6 views

CVE-2026-4313

AdaptiveGRC is vulnerable to Stored XSS via text type fields across the forms. An authenticated attacker can replace the value of the text field in the HTTP POST request. Improper parameter validation by the server results in arbitrary JavaScript execution in the victim's browser. Critically, this...

CVSS 2.4 | EPSS 0.0059 | Exploits 0 | References 2

NVD
added 2026/01/20 12:15 p.m., 3 views

CVE-2025-41024

Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 'companyaddress', 'companyemail', 'companyname', 'country',...

CVSS 5.4 | EPSS 0.00162 | Exploits 0 | References 1

EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2018-7381

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.02766 | Exploits 1 | References 6

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2025-31595

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 4.9 | EPSS 0.00277 | Exploits 1 | References 3

OSV
added 2025/02/24 1:39 a.m., 3 views

USN-7284-1 netty vulnerabilities

Jonathan Leitschuh discovered that Netty did not correctly handle file permissions when writing temporary files. An attacker could possibly use this issue to leak sensitive information. (CVE-2022-24823) It was discovered that Netty did not correctly handle limiting the number of fields when decodin...

CVSS 5.5 | AI score 6.7 | EPSS 0.0138 | Exploits 2 | References 3

NVD
added 2018/08/18 3:29 a.m., 22 views

CVE-2018-15504

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11...

CVSS 7.5 | AI score 8 | EPSS 0.02766 | Exploits 1 | References 5

Prion
added 2018/08/18 3:29 a.m., 17 views

Null pointer dereference

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11...

CVSS 5 | AI score 8 | EPSS 0.02766 | Exploits 1 | References 5 | Affected Software 3

Cvelist
added 2018/08/18 12:00 a.m., 29 views

CVE-2018-15504

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11...

AI score 7.5 | EPSS 0.02766 | Exploits 1 | References 5

CNVD
added 2018/03/09 12:00 a.m., 1 view

Reprise License Manager Path Traversal Vulnerability

Reprise License Manager (RLM) is a suite of license management software from Reprise, Inc. A path traversal vulnerability exists in RLM version 11.0. An attacker could exploit this vulnerability by changing fields in a web request to gain access to files on the file system...

CVSS 8.5 | AI score 7 | EPSS 0.0177 | Exploits 1 | References 1

myhack58
added 2017/08/09 12:00 a.m., 51 views

See my how-to the Apache fuzzing and dig to a value of 1500 knife of vulnerability-vulnerability warning-the black bar safety net

Target In the AFL in the view of the Apache httpd server's crash logs, I found a lot of problems. For example, some crash testing with example in fuzz testing tools internal collapse, but also affect the test program stability. In this article, I will talk to you to explain the test case to crash...

AI score 7.8 | Exploits 0

RedHat Linux
added 2017/06/07 5:54 p.m., 2 views

httpd: Incomplete handling of LimitRequestFields directive in mod_http2

A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash...

CVSS 7.5 | AI score 7.1 | EPSS 0.7907 | Exploits 4 | References 6

RedHat Linux
added 2017/06/07 5:54 p.m., 4 views

httpd: Incomplete handling of LimitRequestFields directive in mod_http2

A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash...

CVSS 7.5 | AI score 7.1 | EPSS 0.7907 | Exploits 4 | References 6

RedHat Linux
added 2017/04/26 10:19 a.m., 5 views

httpd: Incomplete handling of LimitRequestFields directive in mod_http2

A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash...

CVSS 7.5 | AI score 7.1 | EPSS 0.7907 | Exploits 4 | References 6

Positive Technologies
added 2016/12/04 12:00 a.m., 10 views

PT-2016-7559

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.17 through 2.4.23. Description: The issue is related to the mod_http2 module in the Apache HTTP Server, which does not restrict request-header length when the Protocols configuration includes h2 or h2c. This allow...

CVSS 7.5 | AI score 7.3 | EPSS 0.7907 | Exploits 4 | References 68

RedHat Linux
added 2008/06/11 6:43 p.m., 2 views

X.org Render extension AllocateGlyph() heap buffer overflow

Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow...

CVSS 9 | AI score 8.1 | EPSS 0.03178 | Exploits 0 | References 4

RedHat Linux
added 2008/06/11 6:43 p.m., 2 views

X.org Render extension ProcRenderCreateCursor() crash

Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a...

CVSS 6.8 | AI score 7.5 | EPSS 0.01641 | Exploits 1 | References 4