IBM Security Bulletins
added 2024/02/05 1:26 p.m., 47 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to HTTP request smuggling (CVE-2023-46589)

Summary: Due to the use of Apache Tomcat, IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a specially crafted HTTPS trailer header, an attacker could exploit this vulnerability to poison the we...

CVSS 7.5 | AI score 7.5 | EPSS 0.02651
Exploits: 0 | Affected Software: 1
NVD
added 2024/02/05 7:15 a.m., 12 views

CVE-2023-7077

Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 allow an attacker to execute remote code by sending unintended parameters in...

CVSS 9.8 | AI score 9.7 | EPSS 0.00694
Exploits: 0 | References: 2
Prion
added 2024/02/05 7:15 a.m., 17 views

Cross site request forgery (CSRF)

Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 allow an attacker to execute remote code by sending unintended parameters in...

CVSS 7.5 | AI score 8 | EPSS 0.00694
Exploits: 0 | References: 1
Cvelist
added 2024/02/05 6:57 a.m., 25 views

CVE-2023-7077

Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 allow an attacker to execute remote code by sending unintended parameters in...

AI score 9.9 | EPSS 0.00694
Exploits: 0 | References: 1
Vulnrichment
added 2024/02/05 6:57 a.m., 7 views

CVE-2023-7077

Sharp NEC Displays P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8 allow an attacker to execute remote code by sending unintended parameters in...

AI score 9.6 | EPSS 0.00694
Exploits: 0 | References: 1
0day.today
added 2024/02/05 12:00 a.m., 317 views

Juniper SRX Firewalls & EX switches - PreAuth Remote Code Execution Exploit

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC. Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing the PHP configuration to be inspected. Also this...

CVSS 9.8 | AI score 9.8 | EPSS 0.93546
Exploits: 25
Packet Storm
added 2024/02/05 12:00 a.m., 395 views

GYM MS 1.0 Cross Site Scripting

Exploit Title: GYM MS - GYM Management System - Stored Cross Site Scripting. Date: 29/09/2023. Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0. Last Update: 31 August 20...

AI score 7.4
Exploits: 0
0day.today
added 2024/02/05 12:00 a.m., 345 views

GYM MS - GYM Management System - Cross Site Scripting Vulnerability

Exploit Title: GYM MS - GYM Management System - Stored Cross Site Scripting. Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0. Last Update: 31 August 2022. Tested On: Kal...

AI score 7.4
Exploits: 0
Amazon
added 2024/02/05 12:00 a.m., 31 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remot...

CVSS 8.6 | AI score 8.1 | EPSS 0.57627
Exploits: 0
Amazon
added 2024/02/05 12:00 a.m., 43 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remot...

CVSS 8.6 | AI score 8.3 | EPSS 0.57627
Exploits: 0
Tenable Nessus
added 2024/02/02 12:00 a.m., 16 views

Google Extensible Service Proxy 2.20.0 < 2.43.0 Authentication Bypass

Google Extensible Service Proxy (ESP) is a scalable proxy provided by the Google Cloud Platform (GCP), used to provide API management features based on an OpenAPI or gRPC API backend. ESP versions starting 2.20.0 and before 2.43.0 suffer from an authentication bypass vulnerability. By crafting a...

CVSS 9.8 | AI score 7.7 | EPSS 0.00658
Exploits: 0 | References: 3
Tenable Nessus
added 2024/02/02 12:00 a.m., 41 views

SUSE SLES15 Security Update : squid (SUSE-SU-2024:0298-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0298-1 advisory. - CVE-2023-50269: fixed X-Forwarded-For Stack Overflow (bsc#1217654). - CVE-2024-23638: fixed Denial of Service attack against Cache...

CVSS 8.6 | AI score 6.9 | EPSS 0.6005
Exploits: 1 | References: 7
Tenable Nessus
added 2024/02/02 12:00 a.m., 43 views

SUSE SLES12 Security Update : squid (SUSE-SU-2024:0296-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0296-1 advisory. - CVE-2023-50269: fixed X-Forwarded-For Stack Overflow (bsc#1217654). - CVE-2024-23638: fixed Denial of Service attack against Cache...

CVSS 8.6 | AI score 6.9 | EPSS 0.6005
Exploits: 1 | References: 7
IBM Security Bulletins
added 2024/02/01 1:44 p.m., 31 views

Security Bulletin: There is a vulnerability in jetty-http-9.4.51.v20230217.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-40167 and CVE-2023-36478)

Summary: There is a vulnerability in jetty-http-9.4.51.v20230217.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2023-40167. DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP/1 request header...

CVSS 7.5 | AI score 7.1 | EPSS 0.03754
Exploits: 1 | Affected Software: 1
IBM Security Bulletins
added 2024/01/31 11:21 p.m., 38 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to HTTP request smuggling in Apache Tomcat [CVE-2023-45648]

Summary: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to HTTP request smuggling in Apache Tomcat, caused by improper parsing of HTTP trailer headers (CVE-2023-45648). Apache Tomcat is used as a component of our Speech microservices. This vulnerability has been...

CVSS 5.3 | AI score 6.2 | EPSS 0.05848
Exploits: 2 | Affected Software: 1
OSV
added 2024/01/31 6:04 p.m., 36 views

GHSA-PF55-FJ96-XF37 @lobehub/chat vulnerable to unauthorized access to plugins

Description: When the application is deployed password-protected with the ACCESSCODE option, it is possible to access plugins without proper authorization and without a password. Proof-of-Concept: Let's suppose that the application has been deployed with the following command: sudo docker run -d -p 3210:3210 -...

CVSS 5.3 | AI score 5.1 | EPSS 0.00482
Exploits: 1 | References: 4
0day.today
added 2024/01/31 12:00 a.m., 532 views

Mirth Connect 4.4.0 Remote Command Execution Exploit

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

CVSS 9.8 | AI score 7.3 | EPSS 0.97106
Exploits: 22
Metasploit
added 2024/01/30 7:51 p.m., 578 views

Mirth Connect Deserialization RCE

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

CVSS 9.8 | AI score 9.5 | EPSS 0.97106
Exploits: 22
RedhatCVE
added 2024/01/30 11:02 a.m., 40 views

CVE-2024-23829

An HTTP request smuggling vulnerability was found in aiohttp. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets that must trigger error handling to robustly match frame boundaries of proxies in order to protect against the injection of...

CVSS 6.5 | AI score 7.1 | EPSS 0.0102
Exploits: 1 | References: 4
Tenable Nessus
added 2024/01/30 12:00 a.m., 51 views

RHEL 8 : python-urllib3 (RHSA-2024:0588)

The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0588 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3:...

CVSS 8.1 | AI score 7.3 | EPSS 0.01207
Exploits: 0 | References: 7