CVE-2026-32947

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, a DNS over HTTPS DoH vulnerability allows attackers to bypass egress-policy: block network restrictions by tunneling exfiltrated data through permitted HTTPS endpoints like...

CVE-2025-26487 Server Side Request Forgery (SSRF) in the web server of Infinera MTC-9

Server-Side Request Forgery SSRF vulnerability in Infinera MTC-9 version allows remote unauthenticated users to gain access to other network resources using HTTPS requests through the appliance used as a bridge...

HP Integrated Lights-Out Denial of Service (CVE-2014-2601)

The server in HP Integrated Lights-Out 2 aka iLO 2 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool. This plugin only works with Tenable.ot. Please visit...

EUVD-2020-23706

Malware in sbrugna...

EUVD-2015-6218

Malware in sbrugna...

EUVD-2014-2633

Malware in sbrugna...

EUVD-2020-29817

Malware in sbrugna...

EUVD-2007-0960

Malware in sbrugna...

EUVD-2022-6112

Malicious code in bioql PyPI...

CVE-2022-32210

Undici.ProxyAgent never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via...

ISC BIND 安全漏洞

ISC BIND is an ISC open source suite of open source software that implements the DNS protocol. A security vulnerability exists in ISC BIND 9 that stems from the fact that a client using DNS-over-HTTPS DoH can exhaust its CPU and/or memory by injecting carefully crafted valid or invalid HTTP/2...

CVE-2024-47497 Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion

An Uncontrolled Resource Consumption vulnerability in the http daemon httpd of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service DoS. An attacker can send specific HTTPS connection requests to...

HTTPS configuration between Brocade SANnav Management Portal and Brocade SAN switches (no CVE)

A security researcher reported a lack of encryption in Brocade SANnav for management protocol HTTP. The researcher states: By default, the appliance can be installed with these options: To configure HTTP or HTTPS connections between SANnav Management Portal and SAN switches, select one of the...

squid: Denial of Service in SSL Certificate validation

A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using --with-openssl is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by...

How to Analyze Malware's Network Traffic in A Sandbox

Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address the...

Explained: Domain fronting

Domain fronting is a technique of using different domain names on the same HTTPS connection. Put simply, domain fronting hides your traffic when connecting to a specific website. It routes traffic through a larger platform, masking the true destination in the process. The technique became popular...

Update now! MOVEit Transfer vulnerability actively exploited

On May 31, 2023, Progress Software released a security bulletin about a critical vulnerability in MOVEit Transfer. The security bulletin states: "a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized...

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

Rockwell Automation ThinManager ThinServer URI Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTPS traffic. When parsing a URI, the process does no...

CVE-2022-32210

Undici.ProxyAgent never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via...