Cloudflare Public Bug Bounty: cd=false (DNSSEC) not respected in DNS over HTTPS JSON requests

The value of the cd check disabled flag was not correctly validated in DNS-over-HTTPS JSON API requests to cloudflare-dns.com. In result, despite explicitly setting the flag value to 0 or false according to the Cloudflare 1.1.1.1 documentation the DNSSEC verification was not enforced for an unawa...

Security Bulletin: IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact is vulnerable to information disclosure when the adminCenter-1.0 feature has been enabled (CVE-2022-22393)

Summary IBM WebSphere Application Server Liberty is used by IBM Tivoli Netcool Impact as the application server host. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-22393...

Rockwell Automation ThinManager ThinServer URI Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTPS traffic. When parsing a URI, the process does no...

Airspan AirSpot pingDiagnostic command injection

Added: 09/27/2022 Background Airspan AirSpot 5410 is an advanced, LTE, CAT12, outdoor, multi-service product specifically designed to meet data needs for residential, business and enterprise users. Problem A command injection vulnerability when diagnostics.cgi handles the pingDiagnostic command...

Airspan AirSpot pingDiagnostic command injection

Added: 09/27/2022 Background Airspan AirSpot 5410 is an advanced, LTE, CAT12, outdoor, multi-service product specifically designed to meet data needs for residential, business and enterprise users. Problem A command injection vulnerability when diagnostics.cgi handles the pingDiagnostic command...

Security Bulletin: IBM Storwize V7000 Unified Fix Available for Storwize V7000 Cross Protocol Vulnerability (CVE-2013-0500)

Abstract IBM Storwize V7000 Unified includes a flaw in the handling of special files created by an NFS client resulting in a vulnerability reported against IBM Storwize V7000 Unified. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0500 DESCRIPTION: A flaw in the IBM Storwize V7000 Unified code f...

Security Bulletin: IBM SONAS Fix Available for SONAS Cross Protocol Vulnerability (CVE-2013-0500)

Abstract IBM SONAS includes a flaw in the handling of special files created by an NFS client resulting in a vulnerability reported against IBM SONAS. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0500 DESCRIPTION: A flaw in the IBM SONAS code for handling special files in particular character a...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Squid vulnerabilities (USN-5641-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5641-1 advisory. Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue t...

Security Bulletin: InfoSphere Guardium Data Redaction affected by SSL vulnerability in Apache Axis2 (CVE-2012-5785)

Abstract An SSL vulnerability exists in Apache Axis which is used by InfoSphere Guardium Data Redaction to process HTTPS requests from the Redaction SOAP API . Content VULNERABILITY DETAILS: CVE ID: CVE-2012-5785 DESCRIPTION: Apache Axis2/Java, as used in multiple products, could allow a remote...

CVE-2022-38742

Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could...

CVE-2022-38742

Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could...

Heap overflow

Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could...

CVE-2022-38742 Rockwell Automation ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack

Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could...

Design/Logic Flaw

TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client leaving intra-cluster connections and geo-replication connections vulnerable to man in the middle...

CVE-2022-35252

CVE-2022-35252 affects curl’s handling of cookies containing control codes; when such cookies are echoed back to a server, the server may return 400 responses, effectively enabling a “sister site” to deny service to other siblings. Public advisories confirm this is fixed in curl updates across se...

CVE-2022-41317

An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixed in 5.7...

benpottervo.com Cross Site Scripting vulnerability OBB-2941060

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-3251

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2...

CVE-2022-3250

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6...

Session fixation

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6...