131 matches found
Pipenv 命令注入漏洞
Pipenv is a tool designed to bring the best of all packaging worlds packager, composer, npm, cargo, yarn, etc. to the Python world. pipenv suffers from a command injection vulnerability that stems from allowing an attacker to insert specially crafted strings into comments anywhere in a...
Vulnerabilities fixed in Python
Red Hat has fixed a vulnerability in Python. The vulnerability allows a remote malicious party to cause a denial-of-service exploit in the HTTP client of the victim. To do so, the malicious party must cause the victim to establish an authentication session with an HTTP server that is under contro...
CVE-2021-36367
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...
CVE-2021-36367
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...
Vulnerabilities fixed in cURL
Vulnerabilities have been fixed in cURL.The vulnerabilities allow a remote malicious person the ability to obtain sensitive information obtain. To do so, the malicious party must induce the victim to visit a server under the control of the malicious party. -= Debian =- Debian has made updates to...
kernel: TOCTOU mismatch in the NFS client code
A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...
CVE-2020-27687
ThingsBoard before v3.2 is vulnerable to Host header injection in password-reset emails. This allows an attacker to send malicious links in password-reset emails to victims, pointing to an attacker-controlled server. Lack of validation of the Host header allows this to happen...
Thingsboard 注入漏洞
Thingsboard is a Java-based platform for monitoring, management, and data collection of IOT devices from the Thingsboard team. A security vulnerability exists in versions prior to ThingsBoard v3.2 that stems from the injection of host headers in password reset emails. This allowed an attacker to...
Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware
A Russian threat actor known for its malware campaigns has reappeared in the threat landscape with yet another attack leveraging COVID-19 as phishing lures, once again indicating how adversaries are adept at repurposing the current world events to their advantage. Linking the operation to a...
kernel: TOCTOU mismatch in the NFS client code
A flaw was found in the NFSv4 implementation where when mounting a remote attacker controlled server it could return specially crafted response allow for local memory corruption and possibly privilege escalation...
DEBIAN-CVE-2020-15646
If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This...
New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data
Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send...
PT-2020-15432 · Jenkins · Jenkins Zephyr For Jira Test Management Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Zephyr for JIRA Test Management Plugin versions 1.5 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specifi...
DEBIAN-CVE-2020-14058
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs becaus...
UBUNTU-CVE-2020-12667
Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records...
lftp: particular remote file names may lead to current working directory erased
It has been discovered that lftp does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker-controlled FTP server, resulting in the removal of all files...
CVE-2020-8794
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mtaio in mtasession.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce...
Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware
What an irony — someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users' wallets. The latest supply-chain cyberattack was revealed on Monda...
CVE-2019-10389
A missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server...
DEBIAN-CVE-2018-20852
http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostnam...