MiracleLinux 7 : rh-ruby26-ruby-2.6.7-119.el7 (AXSA:2021-1768:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1768:01 advisory. rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 ruby: NUL injection vulnerability o...

CVE-2005-1150

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service hang...

EUVD-2004-2208

Malware in sbrugna...

CVE-2024-3186

CWE-476 NULL Pointer Dereference vulnerability in the evalExpr function of GoAhead Web Server version = 6.0.0 when compiled with the MEGOAHEADJAVASCRIPT flag. This vulnerability allows a remote attacker with the privileges to modify JavaScript template JST files to trigger a crash and cause a...

CVE-2005-2201

Unknown vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to cause a denial of service or access files via crafted HTTP requests...

CVE-2024-10037

A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled...

Web server DOS through run metrics

This report is not public...

USN-6438-2 .Net regressions

USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to...

CVE-2022-34037

An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service DoS via a crafted URI. Note: This has been disputed as a bug, not a security vulnerability, in the Caddy web server that emerged when an...

CVE-2014-2352

The directory specifier can include designators that can be used to traverse the directory path. Exploiting this vulnerability may enable an attacker to access a limited number of hardcoded file types. Further exploitation of this vulnerability may allow an attacker to cause the web server...

Directory traversal

Directory traversal vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to read arbitrary files of unspecified types, or cause a web-server denial of service, via a crafted pathname...

BadBlue 2.52 Web Server Multiple Connections Denial of Service Exploit

Exploit for unknown platform in category dos / poc ====================================================================== BadBlue 2.52 Web Server Multiple Connections Denial of Service Exploit ====================================================================== !/usr/bin/perl BadBlue v2.52 Web...

CVE-2002-1866

Simple Web Server SWS 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow remote attackers to cause a denial of service file descriptor exhaustion via multiple requests for pages that do not exist...

SWS Simple Web Server 0.0.30.0.40.1 - New Line Denial of Service

SWS Simple Web Server 0.0.30.0.40.1 - New Line Denial of Service // source: https://www.securityfocus.com/bid/5664/info SWS Simple Web Server is prone to a denial of service when requests not ending with a newline are received. Remote attackers may exploit this condition to deny access to...