Lucene search

15 matches found

Openbugbounty
added 2023/07/05 8:37 a.m., 8 views

1851-unfilmed.org.uk Cross Site Scripting vulnerability OBB-3478506

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits: 0
F5 Networks
added 2023/02/21 6:49 p.m., 37 views

K22356857: APT remote code injection vulnerability CVE-2019-3462

Security Advisory Description Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. CVE-2019-3462 Impact There is no impact; F5...

CVSS 9.3, AI score 7.3, EPSS 0.14555
Exploits: 0
RedhatCVE
added 2022/05/20 10:48 p.m., 46 views

CVE-2019-3462

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine...

CVSS 9.3, AI score 4.3, EPSS 0.14555
Exploits: 0, References: 2
Prion
added 2020/06/03 11:15 p.m., 18 views

Command injection

In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...

CVSS 3.5, AI score 6.5, EPSS 0.14555
Exploits: 0, References: 2, Affected Software: 1
Openbugbounty
added 2020/04/07 12:27 p.m., 13 views

theemcoe.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1135400 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...

AI score 6.2
Exploits: 0
NVD
added 2019/01/28 9:29 p.m., 23 views

CVE-2019-3462

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine...

CVSS 9.3, AI score 7.3, EPSS 0.14555
Exploits: 0, References: 8
OSV
added 2019/01/28 9:29 p.m., 12 views

CVE-2019-3462

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine...

CVSS 8.1, AI score 7.2
Exploits: 0, References: 8
CVE
added 2019/01/28 9:0 p.m., 250 views

CVE-2019-3462

CVE-2019-3462 affects apt 1.4.8 and earlier due to incorrect sanitation of the 302 redirect field in the HTTP transport, enabling content injection by a MITM attacker and potentially leading to remote code execution. Public docs confirm the flaw is in apt’s redirect handling and that exploitation...

CVSS 9.3, AI score 7.1, EPSS 0.14555
Exploits: 0, References: 8, Affected Software: 1
Check Point Advisories
added 2019/01/28 12:0 a.m., 7 views

Advanced Package Tool Remote Code Execution (CVE-2019-3462)

A remote code execution vulnerability exists in Advanced Package Tool. The vulnerability is due to lack of sanitation on Location headers in HTTP responses. Successful exploitation could result in installation and execution of altered packages...

CVSS 9.3, AI score 3.9, EPSS 0.14555
Exploits: 0
Cloud Foundry
added 2019/01/24 12:0 a.m., 79 views

USN-3863-1: APT vulnerability | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack,...

CVSS 9.3, AI score 6.7, EPSS 0.14555
Exploits: 0
Circl
added 2019/01/22 5:40 p.m., 5 views

CVE-2019-3462

creationtimestamp | type | source
---|---|---
2019-01-22 17:40:03+00:00 | seen | https://t.me/canyoupwnme/5039
2019-01-23 08:41:50+00:00 | seen | https://t.me/thehackernews/178
2019-01-23 11:22:52+00:00 | seen | https://t.me/SecLabNews/4085
2019-01-31 10:11:02+00:00 | published-proof-of-concept | ...

CVSS 9.3, AI score 6.6, EPSS 0.14555
Exploits: 0, References: 4
The Hacker News
added 2019/01/22 4:20 p.m., 5 views

Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems

Just in time… Some cybersecurity experts this week arguing over Twitter in favor of not using HTTPS and suggesting software developers to only rely on signature-based package verification, just because APT on Linux also does the same. Ironically, a security researcher just today revealed details ...

CVSS 9.3, AI score 7.5, EPSS 0.14555
Exploits: 0
Debian
added 2019/01/22 2:31 p.m., 240 views

[SECURITY] [DLA 1637-1] apt security update

Package : apt Version : 1.0.9.8.5 CVE ID : CVE-2019-3462 Debian Bug : Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be...

CVSS 9.3, AI score 7.2, EPSS 0.14555
Exploits: 0
UbuntuCve
added 2019/01/22 12:0 p.m., 32 views

CVE-2019-3462

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine...

CVSS 9.3, AI score 7.5, EPSS 0.14555
Exploits: 0, References: 3
OpenVAS
added 2019/01/21 12:0 a.m., 30 views

Debian: Security Advisory (DLA-1637-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3, AI score 6.9, EPSS 0.14555
Exploits: 0, References: 30