Lucene search
K

5908 matches found

RedHat Linux
RedHat Linux
added 2017/10/30 12:15 a.m.2 views

tomcat: Remote Code Execution bypass for CVE-2017-12615

A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution...

8.1CVSS7.5AI score0.99988EPSS
Exploits36References7
OSV
OSV
added 2017/10/27 2:29 p.m.5 views

CVE-2017-6160

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers...

5.9CVSS5.8AI score0.03645EPSS
Exploits0References3
NVD
NVD
added 2017/10/26 1:29 p.m.15 views

CVE-2017-7341

An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests...

9CVSS7.5AI score0.03895EPSS
Exploits0References2
Prion
Prion
added 2017/10/26 1:29 p.m.11 views

Cross site scripting

A reflected Cross-Site Scripting XSS vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 through 5.2.9, and 5.3.0 through 5.3.9 customized pre-authentication webmail login page allows attacker to inject arbitrary web script or HTML via crafted HTTP requests...

4.3CVSS5.8AI score0.02092EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/10/26 1:0 p.m.24 views

CVE-2017-7732

A reflected Cross-Site Scripting XSS vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 through 5.2.9, and 5.3.0 through 5.3.9 customized pre-authentication webmail login page allows attacker to inject arbitrary web script or HTML via crafted HTTP requests...

5.9AI score0.02092EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2017/10/26 1:0 p.m.8 views

CVE-2017-7341

An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests...

8.2AI score0.03895EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/10/26 1:0 p.m.16 views

CVE-2017-7341

An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests...

7.5AI score0.03895EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2017/10/26 1:0 p.m.9 views

CVE-2017-7732

A reflected Cross-Site Scripting XSS vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 through 5.2.9, and 5.3.0 through 5.3.9 customized pre-authentication webmail login page allows attacker to inject arbitrary web script or HTML via crafted HTTP requests...

5.7AI score0.02092EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.37 views

actionpack Cross-Site Request Forgery vulnerability

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged 1 AJAX or 2 API requests that...

6.8CVSS6.3AI score0.01407EPSS
Exploits1References13Affected Software1
RubySec
RubySec
added 2017/10/24 12:0 a.m.43 views

CSRF Protection Bypass in Ruby on Rails

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged 1 AJAX or 2 API requests that...

6.8CVSS6.3AI score0.01589EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.48 views

AVTech Multiple Vulnerabilities

The remote AVTech device is affected by multiple vulnerabilities. Depending on the firmware version the vulnerabilities may include: - All user passwords are stored in cleartext - The web interface does not use CSRF protections - An attacker is able to perform arbitrary HTTP requests through the...

6.1AI score
Exploits0References3
0day.today
0day.today
added 2017/10/18 12:0 a.m.170 views

Apache Solr 7.0.1 - XML External Entity Expansion / Remote Code Execution Vulnerability

Exploit for java platform in category web applications First Vulnerability: XML External Entity Expansion deftype=xmlparser Lucene includes a query parser that is able to create the full-spectrum of Lucene queries, using an XML data structure. Starting from version 5.1 Solr supports "xml" query...

7.5CVSS9.2AI score0.91896EPSS
Exploits11
FreeBSD
FreeBSD
added 2017/10/13 12:0 a.m.43 views

solr -- Code execution via entity expansion

Solr developers report: Lucene XML parser does not explicitly prohibit doctype declaration and expansion of external entities which leads to arbitrary HTTP requests to the local SOLR instance and to bypass all firewall restrictions. Solr "RunExecutableListener" class can be used to execute...

9.8CVSS9.6AI score0.91896EPSS
Exploits11References2
CNVD
CNVD
added 2017/10/09 12:0 a.m.2 views

Node.js tough-cookie module denial of service vulnerability

Node.js is a JavaScript runtime environment based on the Chrome V8 engine. A security vulnerability in the Node.js tough-cookie module's handling of HTTP requests using a special COOKIE allows remote attackers to exploit the vulnerability to submit specially crafted requests that can crash an...

7.5CVSS7.5AI score0.03283EPSS
Exploits0References1
Prion
Prion
added 2017/10/06 1:29 a.m.19 views

Authorization

Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to be consumed with...

7.8CVSS7.6AI score0.07906EPSS
Exploits5References8Affected Software1
Cvelist
Cvelist
added 2017/10/05 1:0 p.m.29 views

CVE-2017-14086

Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to be consumed with...

8.3AI score0.07906EPSS
Exploits5References8
Kitploit
Kitploit
added 2017/10/03 9:11 p.m.28 views

XCat - Automate XPath Injection Attacks to Retrieve Documents

XCat is a command line program that aides in the exploitation of blind XPath injection vulnerabilities. It can be used to retrieve the whole XML document being processed by a vulnerable XPath query, read arbitrary files on the hosts filesystem and utilize out of bound HTTP requests to make the...

7.9AI score
Exploits0References1
Prion
Prion
added 2017/09/29 1:34 a.m.18 views

Input validation

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless Controllers NGWC 3850 could allow an authenticated, remote attacker to elevate...

9CVSS8.8AI score0.03236EPSS
Exploits0References4Affected Software1
Packet Storm
Packet Storm
added 2017/09/29 12:0 a.m.41 views

TrendMicro OfficeScan 11.0 / XG (12.0) Server-Side Request Forgery

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: =========== OfficeScan v11.0 and XG 12.0...

Exploits0
CNVD
CNVD
added 2017/09/29 12:0 a.m.2 views

Trend Micro OfficeScan Server Request Forgery Vulnerability

Trend Micro OfficeScan is a best-of-breed endpoint security solution for mid-sized and large organizations, with a future-proof, resilient architecture that allows you to customize your threat protection and data protection through plug-ins. A server request forgery vulnerability exists in Trend...

7AI score
Exploits0References1
Rows per page
Query Builder