426 matches found
CVE-2024-10086
A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS...
HashiCorp Consul 安全漏洞
HashiCorp Consul is a suite of distributed, highly available data center-aware solutions from HashiCorp, USA. The product is used to connect and configure applications across dynamically distributed infrastructures. A security vulnerability exists in HashiCorp Consul that stems from a server...
CVE-2024-48648
CVE-2024-48648 (Sage 1000 v7.0.0) is a Reflected Cross-Site Scripting (XSS) vulnerability where malicious input in a URL is reflected in the server response without proper sanitization. Affected product: Sage 1000, version 7.0.0. The connected sources confirm the vulnerability exists as described...
CVE-2024-7010
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack allows an attacker to compromise the cryptosystem by analyzing the time taken to execute cryptographic algorithms. Specifically, in the context of password handling, an attacker can determine valid...
SUSE CVE-2024-49999
In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afswaitforoperation, we set transcribe the call responded flag to the server record that we used after doing the fileserver iteration loop - but it's possible to exit the loop...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a potential issue with the afs component in the server response flag setting...
ORDAT FOSS-Online 安全漏洞
ORDAT FOSS-Online is an enterprise resource management solution from ORDAT. A security vulnerability exists in ORDAT FOSS-Online prior to 2.24.01, which stems from the presence of a user enumeration vulnerability that could allow an attacker to determine if an account exists in the application by...
CVE-2024-45052 Fides Webserver Authentication Timing-Based Username Enumeration Vulnerability
Fides is an open-source privacy engineering platform. Prior to version 2.44.0, a timing-based username enumeration vulnerability exists in Fides Webserver authentication. This vulnerability allows an unauthenticated attacker to determine the existence of valid usernames by analyzing the time it...
WordPress Simple Backup File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Simple Backup File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress Plugin...
MantisBT Admin SQL Injection Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MantisBT Admin SQL Injection Arbitrary File Read", 'Description' = %q Versions 1.2.13 through 1.2.16 are vulnerable to a SQL injection attack if ...
Zomato: OTP Bypass via Response Manipulation
OTP One-Time Password bypass via response manipulation is a technique where an attacker intercepts and alters the server's response to bypass the OTP verification step. Response Manipulation: The attacker manipulates the server's response. For example, they might change a response indicating OTP...
CVE-2024-24791
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...
CVE-2024-5813
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...
CVE-2024-5813
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...
CVE-2024-5813 SSH Private Key Leak in BeyondInsight PasswordSafe
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...
CVE-2024-5813 SSH Private Key Leak in BeyondInsight PasswordSafe
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...
CVE-2024-5813
CVE-2024-5813 affects BeyondInsight Password Safe (BIPS). An authenticated attacker with high privileges can exploit an information leak in the server response to access SSH private keys, exposing highly sensitive material. The vulnerability targets the confidentiality of SSH keys via a disclosur...
BeyondInsight Information Disclosure Vulnerability
BeyondInsight is a Privileged Access Management PAM reporting platform from BeyondTrust USA. An information disclosure vulnerability exists in BeyondInsight Password Safe, which originates from an authenticated attacker with elevated privileges who can access SSH private keys via information...
Passbolt API Stored XSS on first/last name during setup
Description An administrator can craft a user with a malicious first name and last name, using a payload such as '; ? The user will then receive the invitation email and click on the setup link. The setup start page served by the server will fire the XSS. Impact of issue An administrator could us...
libnbd: Crash or misbehaviour when NBD server returns an unexpected block size
A flaw was found in libnbd. A server can reply with a block size larger than 2^63 the NBD spec states the size is a 64-bit unsigned value. This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbdgetsize function...