33 matches found
Radancy: Information disclosure through directory listing at http://dockerhost01.maximum.nl:8080
Hello! Description: Information disclosure through enabled directory listing. Links as poc: http://dockerhost01.maximum.nl:8080 http://dockerhost01.maximum.nl:8080/logs/ See pic 1 2 3 The unauthenticated user can get some juicy info about internal infrastructure, docker containers, logs, tokens a...
DSA-3325-1 apache2 - security update
Bulletin has no description...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
Coinbase: Coinbase Android Security Vulnerabilities
My name is Bryan Stern and I am Android Software Engineer. Last night I took another look at your Android application and found some disturbing vulnerabilities that could allow for a user's account to be hijacked. Fortunately, they are very easy to resolve. Below I have outlined the issue, gave...
Accept Answer URL should be idempotent and accept PUT or POST requests only
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-46610. panel Answers currently users a single URL to both accept and un-accept answers: noformat $baseurl/acceptanswer/$answeri...
Accept Answer URL should be idempotent and accept PUT or POST requests only
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46610. panel Answers currently users a single URL to both accept and un-accept answers: noformat $baseurl/acceptanswer/$answerid...
Accept Answer URL should be idempotent and accept PUT or POST requests only
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46610. panel Answers currently users a single URL to both accept and un-accept answers: noformat $baseurl/acceptanswer/$answerid...
Accept Answer URL should be idempotent and accept PUT or POST requests only
Answers currently users a single URL to both accept and un-accept answers: noformat $baseurl/acceptanswer/$answerid. noformat If this URL is requested and the answer in question is currently un-accepted, its state will be changed to accepted. If the answer in question is already accepted, it will...
Design/Logic Flaw
The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...
SSL Vulnerabilities Found in Critical Non-Browser Software Packages
The death knell for SSL is getting louder. Researchers at the University of Texas at Austin and Stanford University have discovered that poorly designed APIs used in SSL implementations are to blame for vulnerabilities in many critical non-browser software packages. Serious security vulnerabiliti...
Microsoft Windows XP2000NT 4.0 - Window Message Subsystem Design Error (5)
Microsoft Windows XP2000NT 4.0 - Window Message Subsystem Design Error 5 // source: https://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely...
Microsoft Windows XP2000NT 4.0 - Window Message Subsystem Design Error (4)
Microsoft Windows XP2000NT 4.0 - Window Message Subsystem Design Error 4 // source: https://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely...
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (4)
// source: https://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based application. Attackers with loca...