Lucene search
+L

11 matches found

osv
osv
added 2026/04/24 5:38 p.m.1 views

CVE-2026-42035 Axios: Header Injection via Prototype Pollution

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter lib/adapters/http.js that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type...

7.4CVSS6.9AI score0.00394EPSS
Exploits1References3
veracode
veracode
added 2025/09/18 2:16 p.m.6 views

Denial Of Service (DoS)

Axios is vulnerable to Denial-of-Service. The vulnerability is due to improper handling of data: scheme URLs, where the Node.js HTTP adapter decodes the entire payload into memory and ignores size limits, allowing attackers to supply a very large data URI to cause unbounded memory allocation and...

7.5CVSS6.9AI score0.0106EPSS
Exploits1References9Affected Software1
openvas
openvas
added 2016/03/01 12:0 a.m.26 views

GE SNMP/Web Interface Adapter Version Detection

Detection of installed version of SNMP/Web Adapter. The script performs Telnet based detection of SNMP/Web Adapter SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.1AI score
Exploits0
osv
osv
added 2016/02/05 11:59 a.m.4 views

CVE-2016-0861

General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...

8.8CVSS6AI score0.14243EPSS
Exploits4References5
prion
prion
added 2016/02/05 11:59 a.m.10 views

Code injection

General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors...

4CVSS6.4AI score0.09933EPSS
Exploits4References5Affected Software1
nvd
nvd
added 2016/02/05 11:59 a.m.16 views

CVE-2016-0861

General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...

9CVSS8.7AI score0.14243EPSS
Exploits4References5
prion
prion
added 2016/02/05 11:59 a.m.14 views

Design/Logic Flaw

General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...

9CVSS7.8AI score0.14243EPSS
Exploits4References5Affected Software1
cvelist
cvelist
added 2016/02/05 11:0 a.m.26 views

CVE-2016-0862

General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors...

6.5AI score0.09933EPSS
Exploits4References5
cve
cve
added 2016/02/05 11:0 a.m.65 views

CVE-2016-0862

GE SNMP/Web Interface adapter firmware versions prior to 4.8 are affected by CVE-2016-0862, which enables remote authenticated users to obtain sensitive cleartext account information due to cleartext storage of credentials. The connected ICS-CERT advisory confirms two vulnerabilities (including c...

6.5CVSS6.8AI score0.09933EPSS
Exploits4References5Affected Software1
cve
cve
added 2016/02/05 11:0 a.m.58 views

CVE-2016-0861

The CVE covers GE SNMP/Web Interface adapters (firmware

9CVSS8.6AI score0.14243EPSS
Exploits4References5Affected Software1
cvelist
cvelist
added 2016/02/05 11:0 a.m.23 views

CVE-2016-0861

General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...

8.7AI score0.14243EPSS
Exploits4References5
Rows per page
Query Builder