16 matches found
CVE-2005-1572
ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083...
EUVD-2025-122610
Malicious code in request-server-ariel-sirius npm...
EUVD-2023-0230
Malicious code in bioql PyPI...
EUVD-2024-54684
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-38823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport. CVE-2024-38823 Note that Nessus relies on the presence of the...
CVE-2025-53531
WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the fid parameter. Tests confirmed that the server processes URLs up to 8,142...
Replay Attack
Overview: salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable t...
CVE-2024-38823
Salt's request server is vulnerable to replay attacks when not using a TLS encrypted transport...
CVE-2024-38823
CVE-2024-38823: Salt’s request server is vulnerable to replay attacks when not using TLS. The initial description confirms the vulnerability and CVSS v3.1 base score of 2.7 (LOW) with network attack vector, requiring high privileges and no user interaction. Connected documents (SUSE advisories) i...
Combodo iTop Code Issue Vulnerability
Combodo iTop is a suite of open source web applications developed by French company Combodo based on ITIL and used for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A code issue vulnerability exists in Combodo iT...
Denial Of Service (DoS)
github.com/kubeedge/kubeedge is vulnerable to denial of service (DoS) attacks. An attacker is able to cause denial of service conditions via memory exhaustion by sending a specifically crafted HTTP request with a large body through the signEdgeCert function in server.go...
CVE-2022-31827
MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the function performFetchRequest at HTTPFetcher.php...
SaltStack Salt Master Server Root Key Disclosure
This module exploits unauthenticated access to the _prep_auth_info method in the SaltStack Salt master's ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to disclose the root key used to authenticate administrative commands to the master. VMware vRealize Operations...
Directory Traversal
sprockets is vulnerable to directory traversals. A malicious user can send an HTTP request with the file:// parameter to request and download files from the server...
ALPINE-CVE-2018-19963
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting for external emulators was mishandled...
Remote DoS Attack in Windows 2000/NT 4.0 TCP/IP Print Request Server Vulnerability
USSR Advisory Code: USSR-2000037. Release Date: March 28, 2000. Systems Affected: Microsoft Windows NT 4.0 Workstation, Microsoft Windows NT 4.0 Server, Microsoft Windows N...