Lucene search
K

11 matches found

Hacker One
Hacker One
added 2026/06/01 3:28 p.m.34 views

curl: libcurl 8.20.0 ignores HTTP Digest domain protection space and preemptively leaks Digest auth outside the declared scope

Summary: libcurl 8.20.0 ignores the server-declared HTTP Digest domain protection space for origin authentication and reuses stored Digest state too broadly on the same easy handle. After a successful Digest-authenticated request, a later request on the same easy handle can receive a preemptive...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in sendmail

Sendmail in version 8.17.2 allows for SMTP smuggling in certain configurations. Remote attackers can utilize a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, thereby bypassing an SPF protection mechanism. This issue arises because Sendmail supports...

5.3CVSS6.2AI score0.01073EPSS
Exploits2References1
Packet Storm News
Packet Storm News
added 2025/10/29 12:0 a.m.3 views

Is Protective DNS Blocking the Wild West?

We perform a passive measurement study investigating how a Protective DNS service might perform in a Research & Education Network serving hundreds of member institutions. Utilizing freely-available DNS blocklists consisting of domain names deemed to be threats, we test hundreds of millions of...

6.9AI score
Exploits0
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.8 views

Fortinet FortiOS和Fortinet FortiProxy 安全特征问题漏洞

Fortinet FortiOS and Fortinet FortiProxy are both products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content...

5.3CVSS6.2AI score0.00402EPSS
Exploits1References2
Malwarebytes
Malwarebytes
added 2023/01/05 11:45 a.m.17 views

FBI warns of imposter ads in search results

The FBI has issued a public notice which includes advice to block adverts. Why? Lets take a look. The bogus advert tightrope Its no secret that rogue ads have been a particular plague on the Internet for as far back as we can remember. From irritating pop ups and spinning "Youve won a prize"...

0.4AI score
Exploits0
Github Security Blog
Github Security Blog
added 2021/09/08 9:11 p.m.63 views

Flask-AppBuilder Open Redirect vulnerability

Impact If using Flask-AppBuilder OAuth, an attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder, this URL can redirect a user to a malicious site. This is an open redirect vulnerability Patches Install Flask-AppBuilder 3.2.2 or above...

7.2CVSS6.2AI score0.007EPSS
Exploits0References7Affected Software1
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/09/01 4:0 p.m.40 views

Get free DMARC visibility with Valimail Authenticate and Microsoft Office 365

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Phishing and email spoofing not only erode brand trust but also leave recipients vulnerable to financial loss and serious invasions of privacy. These tactics have been around for...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/26 10:38 a.m.265 views

How to Test and Improve Your Domain's Email Security?

No matter which type of business you are in, whether small, medium, or large, email has become an irrefutable tool for communicating with your employees, partners, and customers. Emails are sent and received each day in bulk by companies from various sources. In addition, organizations may also...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2019/07/29 7:54 p.m.194 views

ThreatList: DMARC Adoption Nonexistent at 80% of Orgs

About 80 percent of company web domains don’t have standard email authentication protections in place. That’s according to 250ok’s Global DMARC Adoption 2019 report, which analyzed 25,700 domains in the education, e-commerce, legal, financial services, SaaS and nonprofit sectors, as well as the...

7.2AI score
Exploits0References6
Akamai Blog
Akamai Blog
added 2019/05/06 4:0 a.m.17 views

Edge DNS Secondary Implementation: Order or Operations for NS Zone & Registrar Records

Akamai's Edge DNS service provides cloud-based, authoritative domain services to thousands of organizations. Edge DNS is the most widely deployed cloud DNS service pushed to the edge of the Internet. Every organization must protect their domain name. Akamai originally built Fast DNS now Edge DNS ...

1.8AI score
Exploits0
seebug.org
seebug.org
added 2009/11/20 12:0 a.m.27 views

Google Chrome帧同源策略绕过漏洞

Bugraq ID: 37067 Google Chrome Frame是一款浏览器插件,可使用户的浏览器外观依然是IE的菜单和界面,但实际是Google Chrome浏览器内核浏览网页。 Google Chrome Frame存在安全漏洞允许攻击者绕过同源策略并执行特权操作。 Google Chrome Frame 4.0.223.9 Google Chrome Frame 4.0.245.1 Official Build 31970已经修复此漏洞,建议用户下载使用: http://www.google.com/chromeframe 建立如下HTML文档并进行测试: iframe...

6.9AI score
Exploits0
Rows per page
Query Builder