Lucene search

7681 matches found

Tenable Nessus
added 2024/06/03 12:00 a.m., 25 views

RHEL 6 : python-requests (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-18074 Note that Nessus h...

CVSS 7.5, AI score 7.1, EPSS 0.07443
Exploits: 2, References: 1
IBM Security Bulletins
added 2024/05/22 10:2 a.m., 19 views

Security Bulletin: IBM Engineering Lifecycle Management is vulnerable to induce the application to perform server-side HTTP and HTTPS requests to arbitrary domains (CVE-2021-20544)

Summary External service interaction arises when it is possible to induce an application to interact with an arbitrary external service, such as a web or mail server. The ability to trigger arbitrary external service interactions does not constitute a vulnerability in its own right, and in some...

CVSS 5.4, AI score 4.8, EPSS 0.00467
Exploits: 0, Affected Software: 1
RedHat Linux
added 2024/05/22 9:30 a.m., 1 view

perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS

A flaw was found in Perl's CPAN, which doesn't check TLS certificates when downloading content. This happens due to verifySSL missing when using the HTTP::Tiny library during the connection. This may allow an attacker to inject into the network path and perform a Man-In-The-Middle attack, causing...

CVSS 8.1, AI score 7.3, EPSS 0.01561
Exploits: 1, References: 4
NVD
added 2024/05/20 8:15 a.m., 19 views

CVE-2024-1968

In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme (e.g., HTTPS to HTTP) but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in...

CVSS 7.5, AI score 7.2, EPSS 0.00682
Exploits: 1, References: 2
UbuntuCve
added 2024/05/20 8:15 a.m., 12 views

CVE-2024-1968

In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme (e.g., HTTPS to HTTP) but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in...

CVSS 7.5, AI score 7.1, EPSS 0.00682
Exploits: 1, References: 4
Zero Day Initiative
added 2024/05/19 12:00 a.m., 18 views

(Pwn2Own) QNAP TS-464 Authentication Service Improper Certificate Validation Vulnerability

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication functionality, which...

CVSS 6.5, AI score 7, EPSS 0.01436
Exploits: 0, References: 1
SUSE CVE
added 2024/05/15 2:32 a.m., 2 views

SUSE CVE-2024-25581

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a TCP-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing the process to stop...

CVSS 7.5, AI score 6.9, EPSS 0.01078
Exploits: 0, References: 3
CNVD
added 2024/05/15 12:00 a.m., 9 views

Fortinet FortiPortal Security Bypass Vulnerability

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. A security bypass vulnerability exists in Fortinet FortiPortal, which can be exploited by ...

CVSS 7.5, AI score 6.9, EPSS 0.00445
Exploits: 0, References: 1
Tenable Nessus
added 2024/05/15 12:00 a.m., 12 views

FreeBSD : dnsdist -- Transfer requests received over DoH can lead to a denial of service (f2d8342f-1134-11ef-8791-6805ca2fa271)

The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the f2d8342f-1134-11ef-8791-6805ca2fa271 advisory. - When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to...

CVSS 7.5, AI score 5.6, EPSS 0.01078
Exploits: 0, References: 3
NVD
added 2024/05/14 5:15 p.m., 17 views

CVE-2024-23105

A Use Of Less Trusted Source CWE-348 vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attacker to bypass IP protection through crafted HTTP or HTTPS packets...

CVSS 7.5, AI score 7.7, EPSS 0.00445
Exploits: 0, References: 1
NVD
added 2024/05/14 5:15 p.m., 13 views

CVE-2023-46714

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPS requests...

CVSS 7.2, AI score 7.4, EPSS 0.014
Exploits: 0, References: 1
NVD
added 2024/05/14 5:15 p.m., 18 views

CVE-2023-40720

An authorization bypass through user-controlled key vulnerability CWE-639 in FortiVoiceEnterprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests...

CVSS 7.1, AI score 6.8, EPSS 0.00848
Exploits: 0, References: 1
Cvelist
added 2024/05/14 4:19 p.m., 19 views

CVE-2024-23105

A Use Of Less Trusted Source CWE-348 vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attacker to bypass IP protection through crafted HTTP or HTTPS packets...

CVSS 7.5, AI score 7.9, EPSS 0.00445
Exploits: 0, References: 1
CVE
added 2024/05/14 4:19 p.m., 62 views

CVE-2024-23105

Fortinet FortiPortal contains a CWE-348 vulnerability (Use Of Less Trusted Source) that, in versions 7.0.0–7.0.6 and 7.2.0–7.2.1, allows an unauthenticated attacker to bypass IP protection via crafted HTTP/HTTPS packets. The issue is described as bypassing IP access controls; impact is described...

CVSS 7.5, AI score 7, EPSS 0.00445
Exploits: 0, References: 1, Affected Software: 1
Vulnrichment
added 2024/05/14 4:19 p.m., 22 views

CVE-2024-23105

A Use Of Less Trusted Source CWE-348 vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attacker to bypass IP protection through crafted HTTP or HTTPS packets...

CVSS 7.5, AI score 7.2, EPSS 0.00445
Exploits: 0, References: 1
Vulnrichment
added 2024/05/14 4:19 p.m., 15 views

CVE-2023-44247

A double free CWE-415 vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPS requests...

CVSS 6.6, AI score 6.8, EPSS 0.01258
Exploits: 0, References: 1
Vulnrichment
added 2024/05/14 4:19 p.m., 18 views

CVE-2023-46714

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPS requests...

CVSS 7.2, AI score 8.2, EPSS 0.014
Exploits: 0, References: 1
CVE
added 2024/05/14 4:19 p.m., 77 views

CVE-2023-46714

Fortinet FortiOS vulnerability CVE-2023-46714 is a stack-based buffer overflow in FortiOS 7.2.1–7.2.6 and 7.4.0–7.4.1 that allows a privileged attacker with access to the administrative interface to execute arbitrary code via crafted HTTP/HTTPS requests. In the public disclosures, the impact is d...

CVSS 7.2, AI score 8.1, EPSS 0.014
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2024/05/14 4:19 p.m., 17 views

CVE-2023-44247

A double free CWE-415 vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPS requests...

CVSS 6.6, AI score 7.3, EPSS 0.01258
Exploits: 0, References: 1
CVE
added 2024/05/14 4:19 p.m., 56 views

CVE-2023-44247

Summary: CVE-2023-44247 is a double-free (CWE-415) vulnerability in Fortinet FortiOS 6.4 all versions, potentially allowing a privileged attacker to execute arbitrary code via crafted HTTP/HTTPS requests. Public documentation confirms affected product FortiOS 6.4 and the vulnerability's nature a...

CVSS 7.2, AI score 6.8, EPSS 0.01258
Exploits: 0, References: 1, Affected Software: 1