Lucene search
+L

54 matches found

OSV
OSV
added 2021/12/08 1:15 p.m.5 views

CVE-2021-43064

A url redirection to untrusted site 'open redirect' in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers...

6.1CVSS5.6AI score0.0061EPSS
Exploits0References1
NVD
NVD
added 2021/12/08 1:15 p.m.25 views

CVE-2021-43064

A url redirection to untrusted site 'open redirect' in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers...

6.1CVSS0.0061EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/08 12:33 p.m.20 views

CVE-2021-43064

A url redirection to untrusted site 'open redirect' in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers...

4.3CVSS6.4AI score0.0061EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/12/08 12:33 p.m.10 views

CVE-2021-43064

A url redirection to untrusted site 'open redirect' in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers...

4.3CVSS6.7AI score0.0061EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:44 a.m.31 views

Spoofed Messages

sendmail is vulnerable to spoofed messages. The vulnerability exists as the configuration of sendmail in Red Hat Enterprise Linux was found to not reject the "localhost.localdomain" domain name for email messages that come from external hosts. This could allow remote attackers to disguise spoofed...

4.3CVSS3.7AI score0.01986EPSS
Exploits0References9Affected Software1
Information Security Automation
Information Security Automation
added 2018/08/16 10:3 a.m.33 views

Asset Inventory for Network Perimeter: from Declarations to Active Scanning

In the previous post, I shared some of my thoughts about the good Asset Inventory system. Of course, for me as a Security Specialist, it would be great if IT will provide such magical system. But such an ideal situation is rarely possible. So now let's see how to build an Asset Inventory system...

6.8AI score
Exploits0
n0where
n0where
added 2017/05/08 4:18 a.m.45 views

Public Port Scan Scrapper: scanless

Public Port Scan Scrapper Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you’d like to run a port scan on a host and have it not come from your IP address. scanless adj: lacking respectable morals. That girl ...

7.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.21 views

openSUSE Security Update : inkscape (openSUSE-SU-2013:0294-1)

Inkscape was updated to fix two security issues : - inkscape occasionaly tries to open EPS files from /tmp bnc796306, CVE-2012-6076. - inkscape could load XML from external hosts bnc794958, CWE-827, CVE-2012-5656. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packa...

5.5CVSS5.5AI score0.01155EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2012/08/17 12:0 a.m.25 views

CVE-2012-3488

The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to...

4.9CVSS7AI score0.03297EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.36 views

Scientific Linux Security Update : sendmail on SL4.x i386/x86_64

The configuration of Sendmail was found to not reject the 'localhost.localdomain' domain name for e-mail messages that came from external hosts. This could have allowed remote attackers to disguise spoofed messages CVE-2006-7176. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

4.3CVSS5.4AI score0.01986EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/03/14 12:0 a.m.30 views

HP StorageWorks File Migration Agent Detection

The remote host is running an HP StorageWorks File Migration Agent, which migrates rarely used files to external hosts, recalling them as needed. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid52654; scriptversion"1.6";...

5.5AI score
Exploits0References1
Prion
Prion
added 2008/07/09 12:41 a.m.18 views

Input validation

Multiple unspecified "input validation" vulnerabilities in the Web management interface aka Messaging Administration interface in Avaya Message Storage Server MSS 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...

6.5CVSS8.2AI score0.03058EPSS
Exploits0References21Affected Software1
RedHat Linux
RedHat Linux
added 2007/05/01 2:14 p.m.13 views

sendmail allows external mail with from address [email protected]

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages...

4.3CVSS5.9AI score0.01986EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2007/03/27 11:19 p.m.30 views

CVE-2006-7176

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages...

4.3CVSS5.9AI score0.01986EPSS
Exploits0References1
Rows per page
Query Builder