593 matches found
Gitls - Enumerate Git Repository URL From List Of URL / User / Org
Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline This tool is available when the repository, such as github, is included in the bugbounty scope. Sometimes specified as an org name or user name rather than a specific repository, you can use this tool to extract url...
CVE-2021-22984
On BIG-IP Advanced WAF and ASM version 15.1.x before 15.1.0.2, 15.0.x before 15.0.1.4, 14.1.x before 14.1.2.5, 13.1.x before 13.1.3.4, 12.1.x before 12.1.5.2, and 11.6.x before 11.6.5.2, when receiving a unauthenticated client request with a maliciously crafted URI, a BIG-IP Advanced WAF or ASM...
PT-2021-18682 · Hashicorp · Hashicorp Vault +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions prior to 1.5.7 HashiCorp Vault and Vault Enterprise versions prior to 1.6.2 Description: The issue allows the disclosure of the internal IP address of the Vault node when responding to some invali...
HashiCorp Vault and Vault Enterprise Security Vulnerabilities
Hashicorp HashiCorp Vault is a private key access management tool from HashiCorp Hashicorp USA. A security vulnerability exists in the HashiCorp Vault and Vault Enterprise that stems from the disclosure of the internal IP address of a Vault node in response to some invalid, unauthenticated HTTP...
Vault API Endpoint Exposed Internal IP Address Without Authentication
Summary Vault and Vault Enterprise “Vault” would disclose the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. This vulnerability, CVE-2021-3024, was fixed in Vault 1.6.2 & 1.5.7. Background Vault’s API is the primary means by which a Vault nod...
A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as a zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that's used t...
PT-2020-6602 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 1.10.11 Description: The issue is related to the Experimental API in Apache Airflow, which previously allowed all API requests without authentication by default. This poses security risks to users who are not...
CVE-2020-24219
An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can send crafted unauthenticated HTTP requests to exploit path traversal and pattern-matching programming flaws, and retrieve any file from the device's file system, including the configuration file with t...
CVE-2020-4573
IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitive information due to responding to unauthenticated HTTP requests. IBM X-Force ID: 184180...
Design/Logic Flaw
IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitive information due to responding to unauthenticated HTTP requests. IBM X-Force ID: 184180...
CVE-2020-10605
Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests for password storage files...
Default credentials
SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited...
PT-2020-18975 · Silverstripe · Silverstripe
Name of the Vulnerable Software and Affected Versions: SilverStripe version 4.5.0 Description: The issue allows attackers to read certain records that should not have been placed into a result set. This is due to the automatic permission-checking mechanism in the silverstripe/graphql module not...
Apache Dubbo Provider Remote Code Execution Vulnerability
Apache Dubbo is a Java-based high-performance RPC framework . A remote code execution vulnerability exists in Apache Dubbo Provider. An attacker can send RPC requests with unauthenticated service names or method names in conjunction with additional malicious parameter loads. When the malicious...
Atlassian Fisheye and Crucible Cross-Site Request Forgery Vulnerabilities (CNVD-2020-31424)
Atlassian Fisheye and Crucible are both products of the Australian company Atlassian, Atlassian Fisheye is a suite of in-depth viewers of source code and Crucible is a suite of code review tools. A cross-site request forgery vulnerability exists in Atlassian Fisheye and Crucible versions prior to...
Kubernetes: Kubelet resource exhaustion attack via metric label cardinality explosion from unauthenticated requests
Report Submission Form Summary: Malicious clients can potentially DOS a kubelet by sending a high amount of specially crafted requests to the kubelet's HTTP server. For each request the kubelet updates/sets 3 metrics: - kubelethttprequeststotal Counter - kubelethttprequestsdurationseconds Histogr...
Critical Flaw in GoAhead Web Server Could Affect Wide Range of IoT Devices
Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned as CVE-2019-5096, is a critical code execution...
CVE-2019-5097
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the fo...
WordPress qtranslate-x plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. qtranslate-x is a multi-language switching plugin used in it. A cross-site request forgery vulnerability exists in WordPress...
The vulnerability in the web interface for controlling the Cisco IOS XE operating system allows a hacker to perform cross-site fraudulently crafted requests.
The vulnerability in the web interface for controlling the Cisco IOS XE operating system is related to the lack of authentication for the requests being sent. Exploiting this vulnerability allows a malicious actor to perform cross-site fraudulently by using a specially crafted link to send...