11 matches found
CVE-2026-42035 Axios: Header Injection via Prototype Pollution
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter lib/adapters/http.js that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type...
Denial Of Service (DoS)
Axios is vulnerable to Denial-of-Service. The vulnerability is due to improper handling of data: scheme URLs, where the Node.js HTTP adapter decodes the entire payload into memory and ignores size limits, allowing attackers to supply a very large data URI to cause unbounded memory allocation and...
GE SNMP/Web Interface Adapter Version Detection
Detection of installed version of SNMP/Web Adapter. The script performs Telnet based detection of SNMP/Web Adapter SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2016-0861
General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...
Code injection
General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors...
CVE-2016-0861
General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...
Design/Logic Flaw
General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...
CVE-2016-0862
General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors...
CVE-2016-0862
GE SNMP/Web Interface adapter firmware versions prior to 4.8 are affected by CVE-2016-0862, which enables remote authenticated users to obtain sensitive cleartext account information due to cleartext storage of credentials. The connected ICS-CERT advisory confirms two vulnerabilities (including c...
CVE-2016-0861
The CVE covers GE SNMP/Web Interface adapters (firmware
CVE-2016-0861
General Electric GE Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors...