CVE-2017-12153

A security flaw was discovered in the nl80211setrekeydata function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAPNETADMIN capability and...

SF Web Page inaccessible after changing Base URL

- Once the SF is configured, there might be a need to change the Base URL. However, the SF page becomes inaccessible and throws below error - You might also get "Cannot complete your request" on this page...

USN-1368-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. CVE-2011-3607 Prutha Parikh discovered that the modproxy module did not properly intera...

CVE-2010-0013

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka custom smiley request, a related issue to CVE-2004-0122. NOTE: it cou...

CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...

CVE-2007-3947

request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service daemon crash by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault...

Savant < 3.0 GET Request CGI Source Disclosure

Binary data 1518.prm...

GoAhead DoS

Invalid Content-Length processing in POST request...

Multiple bugs in Microsoft SQL Server

Buffer overflow in LPC request, DoS via RPC request, named pipe impersonalization...

Pi3Web DoS

GET ///.../// trquest leads to DoS...

CVE-2002-0392

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size...

Remote root buffer overflow in Icecast server

Stack overflow on long GET request...

Denial of Service in SHOUTcast Server 1.8.2 Linux/w32/?

Vendor : Nullsoft Product : SHOUTcast Server 1.8.2 Linux/win32/? Date : 01/08/2001 CONTENTS 1. Overview 2. Details 3. Systems. 4. Denial of Service 5. Vendor Response 1. Overview: SHOUTcast Server is a streaming audio server. A "bad" client request can crash the server. 2. Details Server crash wh...

SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application

Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, I am not liable for any damages caused by direct or indirect use of the information or functionality provided by this advisory. I bear NO responsibility for...