18 matches found
EUVD-2022-37721
Malicious code in bioql PyPI...
EUVD-2023-56488
Malicious code in bioql PyPI...
EUVD-2025-16165
Malicious code in bioql PyPI...
CVE-2023-51804
An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipulation of the HTTP body URL in the com.rymcu.forest.web.api.common.UploadController file...
ROS-20240923-02
Vulnerability of ANGLE library in Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
CVE-2024-45410
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modif...
HTTP client can manipulate custom HTTP headers that are added by Traefik
Impact There is a vulnerability in Traefik that allows the client to remove the X-Forwarded headers except the header X-Forwarded-For. Patches - https://github.com/traefik/traefik/releases/tag/v2.11.9 - https://github.com/traefik/traefik/releases/tag/v3.1.3 Workarounds No workaround. For more...
CVE-2023-51804
CVE-2023-51804 affects rymcu forest v0.02. The vulnerability exists in the com.rymcu.forest.web.api.common.UploadController where manipulation of the HTTP body URL enables a remote attacker to obtain sensitive information. Initial metrics indicate CVSSv3.1 base score 7.5 (High) with Attack Vector...
CVE-2023-48256
The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim's session via a crafted URL or HTTP request...
CVE-2022-2764
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LASTCHUNK from the bytes, causing a denial of service...
CVE-2020-26282
BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...
Remote code execution
BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...
CVE-2020-26282
CVE-2020-26282 affects BrowserUp Proxy. A Server-Side Template Injection allows attackers to inject arbitrary Java EL expressions, enabling unauthenticated Remote Code Execution. This vulnerability is fixed in version 2.1.2; affected deployments should upgrade to 2.1.2+ to mitigate. The issue ari...
NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0111)
The remote NewStart CGSL host, running version MAIN 4.05, has java-1.8.0-openjdk packages installed that are affected by multiple vulnerabilities: - It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to ma...
Advanced Network Monitoring & MITM Attack Framework: Bettercap
Evil socket just announced the release of the second generation of bettercap, a complete re-implementation of the most complete and advanced Man-in-the-Middle attack framework. This release not only brings MITM attacks to the next level, but it aims to be the reference framework for network...
Mccafé McAfee LiveSafe MiTM RCE Vulnerability CVE-2017-3898 research topic-vulnerability warning-the black bar safety net
Vulnerability overview: The vulnerability affects all McAfee LiveSafe (MLS) versions prior to 16.0.3 and allows remote code execution. It allows an attacker, by tampering with the HTTP after the end o...
RHEL 6 : java-1.8.0-openjdk (RHSA-2017:1109)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1109 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
DIY Web Proxy: proxenet
proxenet is a multi-threaded proxy which allows you to manipulate your HTTP requests and responses using your favorite scripting language. No need to learn Java like for Burp or Python like for mitmproxy. proxenet supports heaps of languages and more can be added easily. proxenet is a C-based...