163 matches found
Spring Cloud Function SpEL Injection (CVE-2022-22963) Exploited in the Wild
Although Spring Cloud Functions are not as widespread as the Log4j library, and should provide a good separation from the hosting server, some draw the line between the two, due to the ease of exploitation over HTTP/s. This new vulnerability will definitely result in many threat actors launching...
SSL verification omitted in OAuth2 credential flow
Description Pulsar uses Curl to send HTTPS requests and typically uses the tlsAllowInsecure global variable derived from isTlsAllowInsecureConnection to determine whether SSL verification should be enabled/disabled. In the linked occurrences, those checks do not occur and SSL verification is...
Iranian Hackers Using New Marlin Backdoor in 'Out to Sea' Espionage Campaign
An advanced persistent threat (APT) group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part of a long-running espionage campaign that started in April 2018. Slovak cybersecurity company ESET attributed the attacks — codenamed "Out to Sea" — to a...
Arkhota - A Web Brute Forcer For Android
What? Arkhota is a web HTTP/S brute forcer for Android. Why? A web brute forcer is always in a hacker's computer, for obvious reasons. Sometimes attacks require to be quick or/and with minimal device preparation. Also a phone takes less attention rather than a laptop/computer. For these situations...
GHSA-V24H-PJJV-MCP6 Denial of service in Tendermint
Description Denial of Service 1 Tendermint 0.33.2 and earlier does not limit the number of P2P connection requests. For each p2p connection, Tendermint allocates XXX bytes. Even though this memory is garbage collected once the connection is terminated due to duplicate IP or reaching a maximum...
Security update for python-httplib2 (moderate)
openSUSE Security Update: Security update for python-httplib2 Announcement ID: openSUSE-SU-2021:0772-1 Rating: moderate References: 1171998 1182053 Cross-References: CVE-2020-11078 CVE-2021-21240 CVSS scores: CVE-2020-11078 NVD : 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N CVE-2020-11078 SUS...
CVE-2021-31926
AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1.1.2 allows a remote, authenticated user to open ports in the local system firewall by crafting an HTTPS request directly to the applicable API endpoint despite not having permission to make changes to the system's network...
CVE-2021-0269
The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded...
Hardcoded credentials
The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded...
FreeBSD : All versions of Apache OpenOffice through 4.1.9 can open non-http(s) hyperlinks. If the link is specifically crafted this could lead to untrusted code execution. (e87c2647-a188-11eb-8806-1c1b0d9ea7e6)
The Apache OpenOffice project reports: The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-https hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code...
CVE-2021-30245
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-https hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to...
GHSA-HFWX-C7Q6-G54C Vulnerability allowing for reading internal HTTP resources
Impact The vulnerability allows for reading and outputting files served by other services on the internal network in which the export server is hosted. If the export server is exposed to the internet, this potentially allows a malicious user to gain read access to internal web-resources. The impa...
CVE-2020-15938
Fortinet FortiGate vulnerability CVE-2020-15938 affects FortiGate devices where non-HTTP/S traffic (e.g., SSH) on ports 80/443 is not redirected to the transparent proxy due to missing valid HTTP headers, allowing bypass of the proxy policy. Affected versions include FortiGate below 6.2.5 and bel...
CVE-2020-15938
When traffic other than HTTP/S (e.g., SSH traffic) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header...
Denial of Service
Overview Impact Some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-core t...
CVE-2021-21317
uap-core is an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to...
Design/Logic Flaw
uap-core is an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to...
CVE-2021-21317 Denial of Service in uap-core
uap-core is an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to...
CVE-2021-21246
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However for the /users/id endpoint there are no security checks enforced so it is possible to retrieve...
Oracle Linux 8 : container-tools:1.0 (ELSA-2020-1926)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1926 advisory. - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - rebuild because of CVE-2019-9512 and...