RLSA-2021:4511 Moderate: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Leak of authentication credentials in URL via automatic Referer CVE-2021-22876 curl: TELNET stack contents disclosure...

Http-Protocol-Exfil - Exfiltrate Files Using The HTTP Protocol Version ("HTTP/1.0" Is A 0 And "HTTP/1.1" Is A 1)

Use the HTTP protocol version to send a file bit by bit "HTTP/1.0" is a 0 and "HTTP/1.1" is a 1. It uses GET requests so the Blue Team would only see the requests to your IP address. However, it takes a long time to send bigger files, for example it needs 1 hour to send 200 KB, and the amount of...

USN-5090-4 apache2 regression

USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote...

nodejs: Use-after-free on close http2 on stream canceling

A flaw was found in Node.js, where it is vulnerable to a use-after-free attack. This flaw allows an attacker to exploit the memory corruption, which causes a change in the process behavior. The highest threat from this vulnerability is to confidentiality and integrity...

libfetch 缓冲区错误漏洞

libfetch is a browser extension that makes it easier to access the content of electronic resources subscribed to by the NIE Library. A buffer error vulnerability exists in libfetch that stems from incorrectly handling strings of numbers for the FTP and HTTP protocols. the FTP passive mode...

Denial Of Service (DoS)

apk-tools:edge is vulnerable to denial of service. The vulnerability occurs when numeric strings in the FTP and HTTP protocols are mishandled...

Vulristics: Microsoft Patch Tuesdays Q2 2021

Hello everyone! Lets now talk about Microsoft Patch Tuesday vulnerabilities for the second quarter of 2021. April, May and June. Not the most exciting topic, I agree. I am surprised that someone is reading or watching this. For me personally, this is a kind of tradition. Plus this is an opportuni...

Exploit for Use After Free in Microsoft

CVE-2021-31166-Exploit Exploit for MS Http Protocol Stack RCE...

Unauthorized SQL Commands Over HTTP (CVE-2020-15153; CVE-2020-35545)

Unauthorized SQL Commands Over HTTP...

CVE-2021-23846

When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...

CVE-2021-23846

When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...

Design/Logic Flaw

When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...

CVE-2021-23846

The CVE-2021-23846 issue affects Bosch B426/Conettix devices. When using HTTP, the user password is transmitted as a plaintext parameter, enabling network-adjacent attackers to obtain credentials via MITM. Root cause: credentials exposed in cleartext in login handling (e.g., login.cgi). Impact al...

The vulnerability in the Install and Upgrade application for managing Oracle Transportation Execution allows a malicious individual to gain access to create, modify, or delete data.

The vulnerability of the Install and Upgrade component of the Oracle Transportation Execution application relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to access, create, modify, or delete data using the HTTP protocol...

RLSA-2021:2259 Important: nginx:1.18 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 For more details about the...

The vulnerability of the Work Provider Site Level Administration component of the application for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks allows a malicious actor to disclose protected information or gain access to the creation, modification, or deletion of data.

The vulnerability of the Work Provider Site Level Administration component of the application for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker...

The vulnerability of the Template component in the Oracle Sales Offline remote management tool allows a attacker to trigger a service failure.

The vulnerability of the Template component in the Oracle Sales Offline remote management tool is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using the HTTP protocol...

Windows PoC Exploit Released for Wormable RCE

A researcher has released a proof-of-concept PoC exploit for CVE-2021-31166, a use-after-free, highly critical vulnerability in the HTTP protocol stack http.sys that could lead to wormable remote code execution RCE. Microsoft discovered the flaw internally, releasing a patch in its May 11 Patch...

Exploit for Use After Free in Microsoft

CVE-2021-31166 Detection of attempts to exploit CVE-2021-31166...

Exploit for Use After Free in Microsoft

CVE-2021-31166 0x00.Description This is a proof of concept...