Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-50965
In MicroHttpServer (aka Micro HTTP Server) through 4398570, _ReadStaticFiles in lib/middleware.c allows a stack-based buffer overflow and potentially remote code execution via a long URI.
Starnight Micro Http Server -
9.8
CVSSv3
CVE-2023-43177
CrushFTP before 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes.
Crushftp Crushftp
1 Github repository
2 Articles
9.8
CVSSv3
CVE-2023-24585
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
Weston-embedded Cesium Net 3.07.01
Weston-embedded Uc-http 3.01.01
Silabs Gecko Software Development Kit 4.3.1
9.8
CVSSv3
CVE-2023-25181
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.
Weston-embedded Cesium Net 3.07.01
Weston-embedded Uc-http 3.01.01
Silabs Gecko Software Development Kit 4.3.1
9.8
CVSSv3
CVE-2023-31247
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
Weston-embedded Cesium Net 3.07.01
Weston-embedded Uc-http 3.01.01
Silabs Gecko Software Development Kit 4.3.1
9.8
CVSSv3
CVE-2023-27882
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
Weston-embedded Cesium Net 3.07.01
Weston-embedded Uc-http 3.01.01
Silabs Gecko Software Development Kit 4.3.1
9.8
CVSSv3
CVE-2023-28379
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
Weston-embedded Cesium Net 3.07.01
Weston-embedded Uc-http 3.01.01
Silabs Gecko Software Development Kit 4.3.1
9.8
CVSSv3
CVE-2023-28391
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
Weston-embedded Cesium Net 3.07.01
Weston-embedded Uc-http 3.01.01
Silabs Gecko Software Development Kit 4.3.1
9.8
CVSSv3
CVE-2023-43982
Bon Presta boninstagramcarousel between v5.2.1 to v7.0.0 exists to contain a Server-Side Request Forgery (SSRF) via the url parameter at insta_parser.php. This vulnerability allows malicious users to use the vulnerable website as proxy to attack other websites or exfiltrate data ...
Bontheme Socialfeed - Photos \\& Video Using Instagram Api
9.8
CVSSv3
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byte...
Haxx Libcurl
Fedoraproject Fedora 37
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
9 Github repositories
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »