6 matches found
Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability
...
ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header
Summary: On the ESP-IDF platform, ESPHome's webserver authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a substring of the correct value (e.g., correct username with partial password). This allows access to webserver functionality...
Linux Distros Unpatched Vulnerability : CVE-2023-3649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file (CVE-2023-3649). Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2018-20725
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A cross-site scripting (XSS) vulnerability exists in graphtemplates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertic...
An Architecture for Privacy-Preserving Telemetry Scheme
Whitepaper called An Architecture For Privacy-Preserving Telemetry Scheme...
How to Create a Scan in Perl to Identify Vulnerable Webservers
This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable web servers. In the context of application security, the author provides mitigation recommendations...