7690 matches found
CVE-2021-45081
An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS...
CVE-2021-45081
An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS...
CVE-2021-45081
CVE-2021-45081 affects Cobbler up to version 3.3.1. The issue is that routines expose HTTP instead of HTTPS, enabling potential eavesdropping or MITM on management/API endpoints. The connected documents confirm the root cause but do not specify a patched version or explicit mitigation in the prov...
PT-2022-12302 · Cobbler · Cobbler
Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 3.3.2 Description: An issue was discovered where routines in several files use the HTTP protocol instead of the more secure HTTPS. Recommendations: For Cobbler versions prior to 3.3.2, consider updating to a version...
(Pwn2Own) Samsung Galaxy S21 Improper Error Handling Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 phones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of errors...
GO-2021-0243 Panic on certain certificates in crypto/tls
crypto/tls clients can panic when provided a certificate of the wrong type for the negotiated parameters. net/http clients performing HTTPS requests are also affected...
Man-in-the-Middle (MitM)
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to...
GHSA-QHM4-JXV7-J9PQ Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...
GHSA-8W94-CF6G-C8MG Man-in-the-Middle (MitM)
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to...
Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch
Description The Authorization header leaks from same hostname https-http redirect. If https://example.com redirects to http://example.com, then an attacker who can listen in on the wire or perform a MITM attack will be able to receive the Authorization header due to the use of the insecure HTTP...
mail.camarapousoredondo.sc.gov.br Cross Site Scripting vulnerability OBB-2369867
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| mail.camarapousoredondo.sc.gov.br ---|-...
Information Disclosure
follow-redirects is vulnerable to information disclosure. The vulnerability exists because the HTTP Authorization header is sent via an insecure HTTP channel when a same-hostname HTTPS-to-HTTP redirect is received, allowing attackers in the same network to discover credentials by sniffing the...
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects/follow-redirects
Note Reclarification of https://huntr.dev/bounties/6d9fd2bf-39e4-4291-b228-30f131b9ccdc/ Description The Authorization header leaks from same hostname https-http redirect. If https://example.com redirects to http://example.com, then an attacker who can listen in on the wire or perform a MITM atta...
Open redirect
In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to localhost, Octopus Server will allow open redirects...
GHSA-WP47-9R3H-XFGQ Server-Side Request Forgery in Apache Traffic Control
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2014-2259)
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service defect-mode transition via crafted HTTPS packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Server-Side Request Forgery (SSRF)
In Apache Traffic Control Traffic Ops, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...
Siemens SIMATIC S7-1200 Improper Input Validation (CVE-2014-2258)
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service defect-mode transition via crafted HTTPS packets, a different vulnerability than CVE-2014-2259. This plugin only works with Tenable.ot. Please visit...
CVE-2022-23206
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...
CVE-2022-23206
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...