7682 matches found
CVE-2023-46724
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to...
CVE-2023-20095
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to imprope...
Design/Logic Flaw
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system. This vulnerability is due to a lack of input sanitation. An attacker could exploit this vulnerability b...
CVE-2023-20114
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system. This vulnerability is due to a lack of input sanitation. An attacker could exploit this vulnerability b...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to imprope...
Qu1Ckdr0P2 - Quicky Serve Files Over Http Or Https Using Flask
Rapidly host payloads and post-exploitation bins over HTTP or HTTPS. Designed to be used on exams like OSCP / PNPT or CTFs HTB / etc. Pull requests and issues welcome. As are any contributions. Qu1ckdr0p2 comes with an alias and search feature. The tools are located in the qu1ckdr0p2-tools...
Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
GHSA-34W4-WRQP-J47G Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
CVE-2023-5866
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
Session fixation
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
CVE-2023-5866 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
CVE-2023-5866
The CVE-2023-5866 entry concerns phpMyFAQ before 3.2.1 where cookies in HTTPS sessions lack the Secure attribute, enabling potential sensitive data exposure. Affected product: phpMyFAQ (thorsten/phpmyfaq) prior to 3.2.1. Root cause: missing Secure flag on cookies during HTTPS sessions. Impact: co...
Oracle Linux 8 : java-17-openjdk (ELSA-2023-5751)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5751 advisory. - OpenJDK: memory corruption issue on x86_64 with AVX-512 JDK-8317121 CVE-2023-22025 - OpenJDK: certificate path validation issue during client...
PortSwigger Web Security: Title: Deceptive Manipulation of HTTP to HTTPS with VPN in Burp Suite
Vulnerability description not provided...
Debian dla-3636 : openjdk-11-dbg - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3636 advisory. Debian LTS Advisory DLA-3636-1 https://www.debian.org/lts/security/...
[SECURITY] Fedora 37 Update: curl-7.85.0-12.fc37
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...