7 matches found
CVE-2021-41861
The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI indication that an image was deleted on both the...
CVE-2021-32643
Http4s is a Scala interface for HTTP services. StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a...
Design/Logic Flaw
Http4s is a Scala interface for HTTP services. StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a...
CVE-2021-32643 StaticFile.fromUrl can leak presence of a directory
Http4s is a Scala interface for HTTP services. StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a...
Security Bulletin: OpenSource Apache Tomcat Vulnerability affects IBM Algorithmics Counterparty Credit Risk
Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory. OpenSource Apache Tomcat is used by IBM...
The YAWAST Antecedent Web Application Security Toolkit
The YAWAST Antecedent Web Application Security Toolkit YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL – Versions and cipher suites supported; common issues...
SMB Scanner Check File/Directory Utility
This module is useful when checking an entire network of SMB hosts for the presence of a known file or directory. An example would be to scan all systems for the presence of antivirus or known malware outbreak. Typically you must set RPATH, SMBUser, SMBDomain and SMBPass to operate correctly. Thi...