Lucene search
K

6 matches found

Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.4 views

The Silent Spill: Measuring Sensitive Data Leaks across Public URL Repositories

A large number of URLs are made public by various platforms for security analysis, archiving, and paste sharing -- such as VirusTotal, URLScan.io, Hybrid Analysis, the Wayback Machine, and RedHunt. These services may unintentionally expose links containing sensitive information, as reported in so...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.2 views

SUSE CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS7.7AI score0.01196EPSS
Exploits0References3
PyPA
PyPA
added 2021/10/06 6:15 p.m.5 views

PYSEC-2021-363

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS7.1AI score0.01196EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2016:1024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.3693EPSS
Exploits0References15
Veracode
Veracode
added 2019/11/01 5:32 a.m.19 views

Incorrect Authentication Leading To Impersonation

Search Guard Kibana Plugin is susceptible to incorrect authentication. It is possible for a Kibana user to impersonate as kibanaserver user by submitting incorrect credentials and by fulfilling following conditions: 1 Kibana is configured to use Single-Sign-On as authentication method, one of...

8.8CVSS1.2AI score0.00677EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2019/08/23 2:15 p.m.21 views

Authentication flaw

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a Kibana is configured to use Single-Sign-On as...

6.5CVSS8.7AI score0.00677EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder