Gohide - Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption

Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption. Obfuscation Modes Session Cookie HTTP GET http-client Set-Cookie Session Cookie HTTP/2 200 OK http-server WebSocket Handshake "Sec-WebSocket-Key" websocket-client WebSocket Handshake "Sec-WebSocket-Accept"...

Cassandra Web File Read Vulnerability

This module exploits an unauthenticated directory traversal vulnerability in Cassandra Web 'Cassandra Web' version 0.5.0 and earlier, allowing arbitrary file read with the web server privileges. This vulnerability occurred due to the disabled Rack::Protection module Module Options msf use...

Cisco ASA ASDM Brute-force Login

This module scans for the Cisco ASA ASDM landing page and performs login brute-force to identify valid credentials. Module Options msf use auxiliary/scanner/http/ciscoasaasdmbruteforce msf auxiliaryciscoasaasdmbruteforce show actions ...actions... msf auxiliaryciscoasaasdmbruteforce set ACTION ms...

GHSA-3W4V-RVC4-2XPW Keycloak has Files or Directories Accessible to External Parties

ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available...

CVE-2021-3856

ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available...

CVE-2021-3856

ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available...

CVE-2022-35949

A Server-Side Request Forgery SSRF vulnerability was found in undici, a HTTP/1.1 client for Node.js. An attacker can manipulate the server-side application to make requests to an unintended location when they use the 'path/pathname' option in 'undici.request'. Mitigation Validate user input befor...

CVE-2022-35948 CRLF Injection in Nodejs ‘undici’ via Content-Type

undici is an HTTP/1.1 client, written from scratch for Node.js.= [email protected] users are vulnerable to CRLF Injection on headers when using unsanitized input as request headers, more specifically, inside the content-type header. Example: import request from 'undici' const unsanitizedContentTypeInp...

CVE-2022-35949 `undici.request` vulnerable to SSRF using absolute URL on `pathname`

undici is an HTTP/1.1 client, written from scratch for Node.js.undici is vulnerable to SSRF Server-side Request Forgery when an application takes in user input into the path/pathname option of undici.request. If a user specifies a URL such as http://127.0.0.1 or //127.0.0.1 js const undici =...

CVE-2022-1705

Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid...

CVE-2022-1705

CVE-2022-1705: In Go, the net/http HTTP/1 client accepted certain invalid Transfer-Encoding headers, enabling potential HTTP request smuggling when paired with an intermediary server that also fails to reject the header. Affected: Go’s HTTP/1 client prior to Go 1.17.12 and Go 1.18.4. Impact is ti...

Arbitrary Code Execution

avatica-core is vulnerable to arbitrary code execution. The vulnerability exists due to the getInstance function of AvaticaHttpClientFactoryImpl.java does not properly verify the HTTP client classes before being instantiating, allowing an attacker to inject and execute malicious code through the...

Apache Calcite Avatica JDBC driver arbitrary code execution

Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via httpclientimpl connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary...

CVE-2022-36364

Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via httpclientimpl connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary...

CVE-2022-36364

Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via httpclientimpl connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary...

Code injection

Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via httpclientimpl connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary...

CVE-2022-36364

Apache Calcite Avatica JDBC driver is affected by CVE-2022-36364 due to insecure dynamic instantiation of httpclient_impl classes without validating they implement the expected interface, enabling potential code execution loaded from arbitrary classes. The issue is addressed starting with Avatica...

undici 注入漏洞

undici is an HTTP/1.1 client. A security vulnerability exists in undici versions prior to 5.7.1, which stems from the ability to inject CRLF sequences into request headers in undici...

FreeBSD : mediawiki -- multiple vulnerabilities (5ab54ea0-fa94-11ec-996c-080027b24e86)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5ab54ea0-fa94-11ec-996c-080027b24e86 advisory. - A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak...

CVE-2022-31091

Guzzle, an extensible PHP HTTP client. Authorization and Cookie headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the Authorization and Cookie headers...