
604 matches found

Fedora
added 2020/02/23 1:9 a.m., 51 views

[SECURITY] Fedora 30 Update: nghttp2-1.40.0-1.fc30

This package contains the HTTP/2 client, server and proxy programs...

CVSS 9.8 | AI score 2.3 | EPSS 0.58373
Exploits 0

Debian
added 2020/02/19 6:4 p.m., 64 views

[SECURITY] [DLA 2109-1] netty security update

Package : netty Version : 1:3.2.6.Final-2+deb8u2 CVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 Debian Bug : 950966 950967 Several vulnerabilities were discovered in the HTTP server provided by Netty, a Java NIO client/server socket framework: CVE-2019-20444 HttpObjectDecoder.java allows an...

CVSS 9.1 | AI score 9.5 | EPSS 0.13474
Exploits 3

RedHat Linux
added 2020/02/12 6:38 a.m., 5 views

golang: invalid public key causes panic in dsa.Verify

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates...

CVSS 7.5 | AI score 7.3 | EPSS 0.04693
Exploits 1 | References 5

Mageia
added 2019/12/19 1:44 p.m., 45 views

Updated pacemaker packages fix security vulnerabilities

The updated packages fix security vulnerabilities: A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. CVE-2019-3885 A flaw was found in the way pacemaker's client-server authenticatio...

CVSS 8.8 | AI score 2.8 | EPSS 0.01962
Exploits 0 | References 6

Imperva Blog
added 2019/11/27 4:58 p.m., 80 views

How to Maximize Your WAF

Whenever new WAF clients are brought aboard, there’s a procedure they must follow in order to properly configure their servers to work behind the WAF protection. You can find an example of the Imperva Cloud WAF onboarding procedure here. Sometimes, however, customers can miss important procedures...

AI score 0.1
Exploits 0

OSV
added 2019/11/26 4:15 a.m., 24 views

CVE-2019-19272

An issue was discovered in tlsverifycrl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup...

CVSS 7.5 | AI score 6.7
Exploits 0 | References 1

Debian CVE
added 2019/11/26 3:33 a.m., 35 views

CVE-2019-19272

An issue was discovered in tlsverifycrl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup...

CVSS 7.5 | AI score 6.4 | EPSS 0.00947
Exploits 0

Cvelist
added 2019/11/26 3:33 a.m., 26 views

CVE-2019-19272

An issue was discovered in tlsverifycrl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup...

AI score 7.6 | EPSS 0.00947
Exploits 0 | References 1

Kitploit
added 2019/11/24 12:27 p.m., 99 views

Glances - An Eye On Your System. A Top/Htop Alternative For GNU/Linux, BSD, Mac OS And Windows Operating Systems

Glances is a cross-platform monitoring tool which aims to present a large amount of monitoring information through a curses or Web based interface. The information dynamically adapts depending on the size of the user interface. It can also work in client/server mode. Remote monitoring could be do...

AI score 6.7
Exploits 0 | References 4

Fedora
added 2019/11/17 1:32 a.m., 14 views

[SECURITY] Fedora 31 Update: freetds-1.1.20-1.fc31

FreeTDS is a project to document and implement the TDS Tabular DataStream protocol. TDS is used by Sybase™ and Microsoft™ for client to database server communications. FreeTDS includes call level interfaces for DB-Lib, CT-Lib, and ODBC...

AI score 2
Exploits 0

Tenable Nessus
added 2019/11/08 12:0 a.m., 8 views

MariaDB Client/Server Installed (Linux)

Binary data mariadbnixinstalled.nbin...

AI score 7.3
Exploits 0

Prion
added 2019/10/24 10:15 p.m., 28 views

Code injection

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates...

CVSS 5 | AI score 7.3 | EPSS 0.04693
Exploits 1 | References 13 | Affected Software 11

Tenable Nessus
added 2019/10/18 12:0 a.m., 20 views

PostgreSQL Client/Server Installed (Linux)

Binary data postgresinstallednix.nbin...

AI score 7.3
Exploits 0

Ubuntu
added 2019/10/09 5:54 p.m., 89 views

USN-4152-1: libsoup vulnerability

It was discovered that libsoup incorrectly handled parsing certain NTLM messages. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause a denial of service...

CVSS 9.8 | AI score 8 | EPSS 0.02784
Exploits 0

Kitploit
added 2019/09/22 8:53 p.m., 175 views

ArmourBird CSF - Container Security Framework

ArmourBird CSF - Container Security Framework is an extensible, modular, API-first framework built for regular security monitoring of docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two...

AI score 7.5
Exploits 0 | References 4

Fedora
added 2019/09/04 3:13 a.m., 46 views

[SECURITY] Fedora 30 Update: community-mysql-8.0.17-2.fc30

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

CVSS 5.5 | AI score 2.7 | EPSS 0.03919
Exploits 0

pentestit
added 2019/08/08 5:7 a.m., 81 views

UPDATE: SILENTTRINITY v0.3.0

PenTestIT RSS Feed Just yesterday, I wrote about this open source post-exploitation C2 framework and a new release is already available. The post was titled - List of Open Source C2 Post-Exploitation Frameworks. We now have SILENTTRINITY v0.3.0 amongst us, which was in the works for a long time!...

AI score 1.7
Exploits 0

GithubExploit
added 2019/07/22 8:23 p.m., 2466 views

Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel

cve-2019-11477-poc Simple Test 1. Start two VMs - one for...

CVSS 7.8 | AI score 8 | EPSS 0.98745
Exploits 4

OSV
added 2019/07/22 5:15 p.m., 5 views

CVE-2019-13097

The application API of Cat Runner Decorate Home version 2.8.0 for Android does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. Attackers can manipulate users' score parameters exchanged between client and server...

CVSS 7.5 | AI score 7.1 | EPSS 0.0137
Exploits 1 | References 2

ATTACKERKB
added 2019/07/22 5:15 p.m., 1 views

CVE-2019-13097

The application API of Cat Runner Decorate Home version 2.8.0 for Android does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. Attackers can manipulate users' score parameters exchanged between client and server...

CVSS 7.5 | AI score 5.4 | EPSS 0.0137
Exploits 1 | References 3