1248 matches found
GHSA-CQJG-WHMM-8GV6 Denial of Service via malformed accept-encoding header in hapi
Affected versions of hapi will crash or lock the event loop when a malformed accept-encoding header is received. Recommendation: Update to version 16.1.1 or later...
Denial of Service via malformed accept-encoding header in hapi
Affected versions of hapi will crash or lock the event loop when a malformed accept-encoding header is received. Recommendation: Update to version 16.1.1 or later...
GHSA-7MC5-CHHP-FMC3 Regular Expression Denial of Service in negotiator
Affected versions of negotiator are vulnerable to regular expression denial of service attacks, which trigger upon parsing a specially crafted Accept-Language header value. Recommendation: Update to version 0.6.1 or later...
Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
/ Exploit Title: Linux x86 Dual Network Stack IPv4 and IPv6 Bind TCP Shellcode Shellcode Author: Kevin Kirsche Shellcode Repository: https://github.com/kkirsche/SLAE/tree/master/assignment1-bindshell Tested on: Shell on Ubuntu 18.04 with gcc 7.3.0 / Connected from Kali 2018.2 This shellcode will...
Android Gets New Anti-Spoofing Feature to Make Biometric Authentication Secure
Google just announced its plan to introduce a new anti-spoofing feature for its Android operating system that makes its biometric authentication mechanisms more secure than ever. Biometric authentications, like the fingerprint, IRIS, or face recognition technologies, smoothen the process of...
kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. An unprivileged local user could use this flaw to induce kernel memor...
Computer connection status is "Rejected" in Veeam Service Provider Console
Challenge: You may see the following status for the computer in Veeam Service Provider Console - "Discovery" - "Discovered Computers": Solution: Under "Discovered Computers" press "Change settings…" and turn on "Accept new connections". If this KB article did not resolve your issue or you need furth...
Design/Logic Flaw
hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed accept-encoding header, an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached...
CVE-2017-16013
hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed accept-encoding header, an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached...
AZL-44826 CVE-2016-10539 affecting package nodejs-nodemon 2.0.3-5
negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string...
DEBIAN-CVE-2016-10539
negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string...
Design/Logic Flaw
negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string...
UBUNTU-CVE-2016-10539
negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string...
CVE-2016-10539
negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string...
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes). Shellcode exploit for Linux_x86 platform // Title: Linux/x86 - IPv6 TCP bind tcp shell on 4444 port // Length : 113 bytes // Author : Matteo Malvica // Tested On : kali linux 4.15 // Contact : [email protected] // Description: it...
LiveZilla Live Chat Cross-Site Scripting Vulnerability
LiveZilla Live Chat is a free online customer service system from the German company LiveZilla. The system provides real-time monitoring of visitors, offline messages, GeoTracking map tracking, access statistics, online chat and other features. A cross-site scripting vulnerability exists in the...
CVE-2018-10810
chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header...
Cross site scripting
chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header...