EUVD-2006-4333

Malware in sbrugna...

GeoNode 信息泄露漏洞

GeoNode is an open source platform that facilitates the creation, sharing and collaborative use of geospatial data. An information disclosure vulnerability exists in GeoNode versions prior to 2.20.7, which stems from an anonymous user being able to obtain sensitive configuration-related informati...

The Convergence of Endpoint Protection with Detection & Response

By almost every account, trend, or metric, the cybersecurity threat landscape is getting worse year over year. According to Qualys Labs, 2020 saw the highest number of vulnerabilities ever recorded. The average time it takes to patch vulnerabilities is months not weeks or days. Ransomware payouts...

CS Money: Improper authentication in the load sell inventory page

Summary: Hello team, I found an endpoint response all data relate to sell mode inventory that doesn't have improper authentication in the link: https://cs.money/loadsellmodeinventory Steps To Reproduce: add details for how we can reproduce the issue 1. Open directly the link:...

asterisk -- Remote Crash Vulnerability in chan_sip channel driver

The Asterisk project reports: When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed o...

CVE-2006-4345

Stack-based buffer overflow in channels/chanmgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint AUEP response...