412 matches found
a-cv-imwrite-imread-plus (=0.12.0), aana (>=0.2.1 <=0.2.4) +3126 more potentially affected by CVE-2019-14491 via opencv-python-headless (>=4.0.0.21 <=4.1.0.25)
opencv-python-headless PYPI version =4.0.0.21, =0.2.1, =1.0.0, =0.17.3, =0.0.1.44, =0.0.1, =0.0.1, =0.2.1, =0.2.0, =0.3.0, =0.1.0, =0.1.2 and more Source cves: CVE-2019-14491 Source advisory: OSV:GHSA-FM39-CW8H-3P63...
FUSE - A Penetration Testing Tool For Finding File Upload Bugs
FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload UEFU vulnerabilities. The details of the testing strategy is in our paper, "FUSE: Finding File Upload Bugs via Penetration Testing", which appeared in NDSS 2020. To see how to configure and execute FUSE,...
Plution - Prototype Pollution Scanner Using Headless Chrome
Plution is a convenient way to scan at scale for pages that are vulnerable to client side prototype pollution via a URL payload. In the default configuration, it will use a hardcoded payload that can detect 11 of the cases documented here:...
Directory Traversal
Overview convert-svg-to-png is a package for converting SVG to PNG using headless Chromium. Affected versions of this package are vulnerable to Directory Traversal. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a...
[ASA-202107-65] jre-openjdk-headless: multiple issues
Arch Linux Security Advisory ASA-202107-65 ========================================== Severity: High Date : 2021-07-22 CVE-ID : CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 Package : jre-openjdk-headless Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2188 Summary =====...
[ASA-202107-54] jre11-openjdk-headless: multiple issues
Arch Linux Security Advisory ASA-202107-54 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 Package : jre11-openjdk-headless Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2189 Summary...
Lazyrecon - Tool To Automate Your Reconnaissance Process In An Organized Fashion
Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning. It has a simple modular architecture and is optimized for speed while working with github and wayback machine. Features Super fast asynchronous...
QIWI: SSRF на https://qiwi.com с помощью "Prerender HAR Capturer"
Здравствуйте! На сайте https://qiwi.com вы используете Prerender HAR Capturer 5.6.0 на основе Headless Chrome для рендеринга HTML, снимков экрана, PDF-файлов и файлов HAR с любой веб-страницы https://github.com/prerender/prerender. Если на qiwi.com послать запрос с измененным юзер-агентом...
Monospace Directus Headless CMS File Upload / Rule Bypass Vulnerabilities
======================================================================= title: Arbitrary File Upload and Bypassing .htaccess Rules product: Monospace Directus Headless CMS vulnerable version: v8.8.2 fixed version: v8.8.2, v9 is not affected because of different architecture CVE number:...
SSRF in Rendertron
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...
GHSA-XR9H-9M79-X29G SSRF in Rendertron
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...
Server-Side Request Forgery (SSRF)
rendertron is vulnerable to sever-side request forgery SSRF. The vulnerability exists as it allows the headless chrome to access the internal domains, forcing the rendertron headless chrome process to render internal sites and display the response as a screenshot...
CVE-2020-8902
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...
CVE-2020-8902
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...
Server side request forgery (ssrf)
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...
CVE-2020-8902 SSRF in Rendertron
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...
CVE-2020-8902
Summary (CVE-2020-8902): Rendertron versions prior to 3.0.0 are vulnerable to an SSRF flaw. An attacker can craft a webpage that causes a headless Chrome process used by Rendertron to render internal sites accessible to the system, potentially exposing internal resources as screenshots. Affected ...
Rendertron Code Issues Vulnerabilities
Martin Splitt Rendertron is a GlobalMartin Splitt open source application providing a headless Chrome rendering solution designed to instantly render and serialize web pages. A code issue vulnerability exists in Rendertron versions prior to 3.0.0, which can be exploited by an attacker to force a...
h1-ctf: Grinch Networks compromised!
Grinch Networks compromised! For fast triage/validation and inspired by @manoelt in other CTF, I made a bash script to find and print all the 12 flags of this CTF. The script uses curl, wget, google-chrome headless for flag 2, unzip, grep and sed. If any of these commands is missing, the script...
Scrying - A Tool For Collecting RDP, Web And VNC Screenshots All In One Place
A new tool for collecting RDP, web and VNC screenshots all in one place This tool is still a work-in-progress and should be mostly usable but is not yet complete. Please file any bugs or feature requests as GitHub issues Caveats Web screenshotting relies on Chromium or Google Chrome being install...