5909 matches found
Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-4289-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4289-1 advisory. Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue ...
Advantech WISE-PaaS RMM Code Execution (CVE-2019-13551)
A Remote Code Execution vulnerability exists in Advantech WISE-PaaS RMM. The vulnerability is due to insufficient input validation when processing HTTP requests. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to a target server. Successful...
USN-4289-1 squid, squid3 vulnerabilities
Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. CVE-2019-12528 Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote...
CVE-2019-20100
The Atlassian Application Links plugin is vulnerable to cross-site request forgery CSRF. The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, and from version...
Cross site request forgery (csrf)
The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...
Cross site request forgery (csrf)
The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...
Cross site request forgery (csrf)
The Atlassian Application Links plugin is vulnerable to cross-site request forgery CSRF. The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, and from version...
CVE-2019-20098
The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...
CVE-2019-20099
The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...
Race condition
A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU All versions V3.X.17, SIMATIC ET 200pro IM154-8F PN/DP CPU All versions V3.X.17, SIMATIC ET 200pro IM154-8FX PN/DP CPU All versions V3.X.17, SIMATIC ET 200S IM151-8 PN/DP CPU All versions V3.X.17, SIMATIC ET 200S IM151-8F...
PT-2020-9415 · Siemens · Simatic S7-300 Cpu 317Tf-3 Pn/Dp +14
Name of the Vulnerable Software and Affected Versions: SIMATIC ET 200pro IM154-8 PN/DP CPU versions prior to V3.X.17 SIMATIC ET 200pro IM154-8F PN/DP CPU versions prior to V3.X.17 SIMATIC ET 200pro IM154-8FX PN/DP CPU versions prior to V3.X.17 SIMATIC ET 200S IM151-8 PN/DP CPU versions prior to...
EyesOfNetwork 5.3 - Remote Code Execution
EyesOfNetwork 5.3 - Remote Code Execution Exploit Title: EyesOfNetwork 5.3 - Remote Code Execution Date: 2020-02-01 Exploit Author: Clément Billac Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 CVE :...
EyesOfNetwork 5.3 Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: EyesOfNetwork 5.3 - Remote Code Execution Exploit Author: Clément Billac Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 CVE :...
CSRF in Application Links plugin allows network enumeration - CVE-2019-20100
Atlassian Jira Server and Data Center before version 8.7.0 use a version of the Atlassian Application Links plugin that is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to...
CSRF in VerifyPopServerConnection!add.jspa - CVE-2019-20099
The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...
CSRF in VerifyPopServerConnection!add.jspa - CVE-2019-20099
The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...
CSRF in VerifySmtpServerConnection!add.jspa - CVE-2019-20098
The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...
CSRF in VerifySmtpServerConnection!add.jspa - CVE-2019-20098
The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...
CVE-2020-8449
A flaw was found in squid. Due to incorrect input validation, squid can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters...
CVE-2020-8449
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters...