Lucene search

7 matches found

Prion
added 2022/10/31 7:15 p.m. | 13 views

Design/Logic Flaw

conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::to_bytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a...

CVSS 5 | AI score 7.4 | EPSS 0.00334
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2022/10/31 6:44 p.m. | 14 views

GHSA-9398-5GHF-7PR6 conduit-hyper vulnerable to Denial of Service from unchecked request length

Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::to_bytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a panic if memory allocation failed for that request. In version 0.4.2,...

CVSS 7.5 | AI score 7.4 | EPSS 0.00334
Exploits: 0 | References: 5
Cvelist
added 2022/10/31 12:0 a.m. | 18 views

CVE-2022-39294 (DoS) Denial of Service from unchecked request length in conduit-hyper

conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::to_bytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a...

CVSS 7.5 | AI score 7.6 | EPSS 0.00334
Exploits: 0 | References: 1
OSV
added 2022/10/30 12:0 p.m. | 9 views

RUSTSEC-2022-0066 Denial of Service from unchecked request length

Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::to_bytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a panic if memory allocation failed for that request. In version 0.4.2,...

CVSS 7.5 | AI score 7.4 | EPSS 0.00334
Exploits: 0 | References: 3
OSV
added 2020/09/16 3:15 p.m. | 2 views

CVE-2020-1710

The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230 as it returns a 200 instead of a 400...

CVSS 5.3 | AI score 5.4
Exploits: 0 | References: 1
Citrix
added 2019/01/28 12:0 a.m. | 7 views

Citrix Web Application Firewall : 400 Bad Request

Getting the error "The request failed with HTTP status 400:." when opening an application hosted using a Load balancing Virtual Server when Application Firewall Profile is bound. Sample entry seen in /var/log/ns.log : Nov 22 09:49:45 172.25.224.219 11/22/2018:09:49:45 GMT qahvpxlb09 0-PPE-1 :...

AI score 7
Exploits: 0
Exploit DB
added 2012/01/31 12:0 a.m. | 240 views

Apache - httpOnly Cookie Disclosure

// Source: https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08 // Most browsers limit cookies to 4k characters, so we need multiple function setCookies good // Construct string for cookie value var str = ""; for var i=0; i content var content =...

AI score 7.4
Exploits: 0