Lucene search
K

675 matches found

Fedora
Fedora
added 2021/02/10 1:30 a.m.69 views

[SECURITY] Fedora 32 Update: privoxy-3.0.31-1.fc32

Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit...

7.8CVSS2.3AI score0.02276EPSS
Exploits0
Fedora
Fedora
added 2021/02/10 1:20 a.m.68 views

[SECURITY] Fedora 33 Update: privoxy-3.0.31-1.fc33

Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit...

7.8CVSS2.3AI score0.02276EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/02/10 12:0 a.m.16 views

Fedora: Security Advisory for privoxy (FEDORA-2021-6fe9346693)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.6AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/02/10 12:0 a.m.16 views

Fedora: Security Advisory for privoxy (FEDORA-2021-f08e89a0d5)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.6AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/12/15 7:37 p.m.3 views

golang: data race in certain net/http servers including ReverseProxy can lead to DoS

A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...

5.9CVSS7.3AI score0.02893EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.481 views

EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF

Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF Date: 01-12-2020 Exploit Author: Hardik Solanki Vendor Homepage: http://egavilanmedia.com Software Link:...

7.4AI score
Exploits0
NVD
NVD
added 2020/11/24 7:15 p.m.20 views

CVE-2020-28333

Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Versions: 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET...

9.8CVSS9.3AI score0.032EPSS
Exploits2References2
Prion
Prion
added 2020/11/24 7:15 p.m.20 views

Authentication flaw

Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Versions: 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET...

7.5CVSS9.3AI score0.032EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2020/11/24 6:3 p.m.100 views

CVE-2020-28333

Barco wePresent WiPG-1600W (firmware 2.5.1.8 affected) is vulnerable to an authentication bypass due to the SEID token being passed in URLs (no session cookies tracked for authenticated sessions). An attacker who captures the SEID and can originate requests from the same IP (e.g., via NAT or a pr...

9.8CVSS9.2AI score0.032EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/11/24 6:3 p.m.26 views

CVE-2020-28333

Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Versions: 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET...

9.4AI score0.032EPSS
Exploits2References2
0day.today
0day.today
added 2020/11/21 12:0 a.m.28 views

Barco wePresent WiPG-1600W Authentication Bypass Vulnerability

The Barco wePresent WiPG-1600W version 2.5.1.8 web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET requests. Thus the "SEID" would be exposed in web proxy logs and browser history...

9.8CVSS9.4AI score0.032EPSS
Exploits2
Kitploit
Kitploit
added 2020/10/29 11:30 a.m.60 views

Scrying - A Tool For Collecting RDP, Web And VNC Screenshots All In One Place

A new tool for collecting RDP, web and VNC screenshots all in one place This tool is still a work-in-progress and should be mostly usable but is not yet complete. Please file any bugs or feature requests as GitHub issues Caveats Web screenshotting relies on Chromium or Google Chrome being install...

7AI score
Exploits0References7
OpenVAS
OpenVAS
added 2020/08/28 12:0 a.m.26 views

Debian: Security Advisory (DSA-4751-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.2AI score0.05162EPSS
Exploits0References4
CNVD
CNVD
added 2020/08/20 12:0 a.m.2 views

ArticaTech Artica Web Proxy SQL Injection Vulnerability

ArticaTech Artica Proxy is an open source Artica proxy solution from the French company ArticaTech. An SQL injection vulnerability exists in the 'apikey' parameter of the fw.login.php file in Artica Web Proxy version 4.30.00000000. A remote attacker can exploit this vulnerability to bypass...

9.8CVSS8.2AI score0.93967EPSS
Exploits7References1
OSV
OSV
added 2020/08/12 5:15 p.m.1 views

CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

9.8CVSS7.4AI score0.93967EPSS
Exploits7References3
NVD
NVD
added 2020/08/12 5:15 p.m.22 views

CVE-2020-17505

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

9CVSS8.7AI score0.82165EPSS
Exploits4References2
NVD
NVD
added 2020/08/12 5:15 p.m.18 views

CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

9.8CVSS10AI score0.93967EPSS
Exploits7References3
Prion
Prion
added 2020/08/12 5:15 p.m.20 views

Command injection

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

9CVSS8.6AI score0.82165EPSS
Exploits4References2Affected Software1
Prion
Prion
added 2020/08/12 5:15 p.m.27 views

Sql injection

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

7.5CVSS9.9AI score0.93967EPSS
Exploits7References3Affected Software1
Cvelist
Cvelist
added 2020/08/12 4:33 p.m.26 views

CVE-2020-17505

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform...

8.7AI score0.82165EPSS
Exploits4References2
Rows per page
Query Builder