Lucene search
K

72 matches found

Ivanti
Ivanti
added 2024/07/16 4:16 p.m.12 views

Security Advisory EPM July 2024 for EPM 2024

Last Modified Date Apr 16, 2025 2:50:24 PM...

8.4CVSS7.2AI score0.03137EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/05/28 6:50 p.m.31 views

CVE-2024-36107 Information disclosure in minio

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. If-Modified-Since and If-Unmodified-Since headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a...

5.3CVSS6.6AI score0.00549EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/05/28 6:50 p.m.57 views

CVE-2024-36107 Information disclosure in minio

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. If-Modified-Since and If-Unmodified-Since headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a...

5.3CVSS5.1AI score0.00549EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.7 views

PT-2024-5523 · Minio +2 · Minio +2

Name of the Vulnerable Software and Affected Versions: MinIO versions prior to RELEASE.2024-05-27T19-17-46Z Description: The issue concerns the use of If-Modified-Since and If-Unmodified-Since headers with anonymous requests, allowing an attacker to determine if an object exists on the server in ...

8.8CVSS9.3AI score0.83957EPSS
Exploits18References21
Kitploit
Kitploit
added 2022/12/23 11:30 a.m.50 views

S3Crets_Scanner - Hunting For Secrets Uploaded To Public S3 Buckets

S3cret Scanner tool designed to provide a complementary layer for the Amazon S3 Security Best Practices by proactively hunting secrets in public S3 buckets. Can be executed as scheduled task or On-Demand Automation workflow The automation will perform the following actions: 1. List the public...

7.1AI score
Exploits0References2
Ivanti
Ivanti
added 2022/06/10 5:57 a.m.9 views

MI Core - Vulnerability found security issue on jquery.

Last Modified Date Mar 12, 2024 4:32:15 PM...

5.9AI score
Exploits0
Patchstack
Patchstack
added 2020/04/03 12:0 a.m.13 views

WordPress WP Last Modified Info plugin <= 1.6.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Jeroen Mulder in WordPress WP Last Modified Info plugin versions = 1.6.5. Solution Update the WordPress WP Last Modified Info plugin to the latest available version at least 1.6.6...

2AI score
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.36 views

CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)

class MetasploitModule 'CVE-2019-9649 CoreFTP FTP Server Version 674 and below MDTM Directory Traversal', 'Description' = %qAn issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal ....\ to browse...

5.3CVSS5.6AI score0.14535EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/02/21 12:0 a.m.140 views

Amovision AM-Q6320-WIFI HD Camera Remote Configuration Disclosure

!/usr/bin/perl Amovision AM-Q6320-WIFI HD Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/08/26 12:0 a.m.54 views

CoreFTP Server MDTM Directory Traversal Exploit

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal ....\ to browse outside the root directory to determine the existence of a file on the operating system, and the last modified date. Exploit...

5.3CVSS0.6AI score0.14535EPSS
Exploits8
Packet Storm
Packet Storm
added 2019/08/23 12:0 a.m.205 views

CoreFTP Server MDTM Directory Traversal

Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal Metasploit Google Dork: N/A Date: 8/21/2019 Exploit Author: Kevin Randall Vendor Homepage: https://www.coreftp.com Software Link: http://www.coreftp.com/server/index.html Version: Firmware: CoreFTP Server FTP ...

5CVSS0.3AI score0.14535EPSS
Exploits8
RedHat Linux
RedHat Linux
added 2019/04/24 6:46 p.m.3 views

undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

6.5CVSS7.2AI score0.02329EPSS
Exploits0References6
OSV
OSV
added 2019/03/22 8:29 p.m.2 views

CVE-2019-9649

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique ....\ to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date...

5.3CVSS6.1AI score0.14535EPSS
Exploits8References6
RedHat Linux
RedHat Linux
added 2018/09/04 2:10 p.m.3 views

undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

6.5CVSS7.2AI score0.02329EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/06/27 3:3 p.m.5 views

undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

6.5CVSS7.2AI score0.02329EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/06/27 3:3 p.m.5 views

undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

6.5CVSS7.2AI score0.02329EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/06/27 2:35 p.m.6 views

undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

6.5CVSS7.2AI score0.02329EPSS
Exploits0References6
CNVD
CNVD
added 2018/06/11 12:0 a.m.4 views

hapi node module denial of service vulnerability

The hapi node module is a server framework for Node.js. The framework supports input validation, caching, authentication and more. A security vulnerability exists in hapi node module versions prior to 11.1.3. An attacker exploits the vulnerability to cause a denial of service socket exhaustion wi...

7.5CVSS7.6AI score0.02135EPSS
Exploits1References1
OSV
OSV
added 2018/06/07 7:43 p.m.2 views

GHSA-RC8H-3FV6-PXV8 Denial of Service in hapi

Versions of hapi prior to 11.1.3 are affected by a denial of service vulnerability. The vulnerability is triggered when certain input is passed into the If-Modified-Since or Last-Modified headers. This causes an 'illegal access' exception to be raised, and instead of sending a HTTP 500 error back...

7.5CVSS5.9AI score0.02135EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2018/06/07 7:43 p.m.24 views

Denial of Service in hapi

Versions of hapi prior to 11.1.3 are affected by a denial of service vulnerability. The vulnerability is triggered when certain input is passed into the If-Modified-Since or Last-Modified headers. This causes an 'illegal access' exception to be raised, and instead of sending a HTTP 500 error back...

7.5CVSS7.1AI score0.02135EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder