7 matches found
Relative Path Traversal
Overview org.apache.ignite:ignite-core is a memory-centric distributed database, caching, and processing platform for transactional, analytical, and streaming workloads delivering in-memory speeds at petabyte scale. Affected versions of this package are vulnerable to Relative Path Traversal via t...
Cleartext Storage of Sensitive Information
Overview zhmcclient is an A pure Python client library for the IBM Z HMC Web Services API Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information due to the logging of sensitive information in clear text. An attacker with access to the logs can obtain...
CVE-2023-41314
The api /api/snapshot and /api/getlogfile would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues...
IBM Cloud Pak for Automation Information Disclosure Vulnerability
IBM Cloud Pak for Automation is an enterprise container cloud intelligence automation software platform that supports business users in building and running automation applications using containers on Kubernetes. An information disclosure vulnerability exists in IBM Cloud Pak for Automation 20.0....
URLextractor - Information Gathering and Website Reconnaissance
Informationgathering & website reconnaissance Usage: ./extractor http://www.hackthissite.org/ Tips: Colorex: put colors to the ouput pip install colorex and use it like ./extractor http://www.hackthissite.org/ | colorex -g "INFO" -r "ALERT" Tldextract: is used by dnsenumeration function pip insta...
Microsoft WinDbg - logviewer.exe Crash (PoC)
Exploit for windows platform in category dos / poc + Credits: HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-WINDBG-LOGVIEWER-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ====================...
USN-1413-1: Nova vulnerability
Dan Prince discovered that Nova did not properly perform input validation on the length of server names. An authenticated attacker could issue requests using long server names to exhaust the storage resources containing the Nova API log file...