7691 matches found

Debian CVE
added 2021/08/16 12:0 a.m. | 28 views

CVE-2021-22939

If the Node.js https API was used incorrectly and "undefined" was passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted...

CVSS 5.3 | AI score 7.6 | EPSS 0.1473 | Exploits: 1

AlpineLinux
added 2021/08/16 12:0 a.m. | 46 views

CVE-2021-22939

If the Node.js https API was used incorrectly and "undefined" was passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted...

CVSS 5.3 | AI score 7.9 | EPSS 0.1473 | Exploits: 1

OpenVAS
added 2021/08/13 12:0 a.m. | 30 views

Fedora: Security Advisory for curl (FEDORA-2021-5d21b90a30)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 6.5 | AI score 6.3 | EPSS 0.0627 | Exploits: 5 | References: 2

OpenVAS
added 2021/08/13 12:0 a.m. | 26 views

OpenSSL: DoS Vulnerability (CVE-2004-0112) - Windows

OpenSSL is prone to a denial of service (DoS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; yo...

CVSS 5 | AI score 7.3 | EPSS 0.10424 | Exploits: 0 | References: 1

Kitploit
added 2021/08/12 12:30 p.m. | 55 views

AlanFramework - A Post-Exploitation Framework

Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor me. Sponsored users have access to early releases and non-public content. You can download the binary from:...

AI score 7.2 | Exploits: 0 | References: 4

RedhatCVE
added 2021/08/12 10:51 a.m. | 58 views

CVE-2021-22939

A flaw was found in Node.js. If the Node.js HTTPS API is used incorrectly and "undefined" is passed for the "rejectUnauthorized" parameter, no error is returned, and the connections to servers with an expired certificate are accepted. The highest threat from this vulnerability is to integrity...

CVSS 5.3 | AI score 1.4 | EPSS 0.1473 | Exploits: 1 | References: 4

0day.today
added 2021/08/10 12:0 a.m. | 123 views

IPCop 2.1.9 - Remote Code Execution (Authenticated) Exploit

Exploit Title: IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated); Exploit Author: Mücahit Saratar; Vendor Homepage: https://www.ipcop.org/; Software Link: https://sourceforge.net/projects/ipcop/files/IPCop/IPCop%202.1.8/ipcop-2.1.8-install-cd.i486.iso -...

AI score 0.1 | Exploits: 0

Cvelist
added 2021/08/07 2:28 a.m. | 16 views

CVE-2021-38148

Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs...

AI score 9.8 | EPSS 0.01225 | Exploits: 0 | References: 1

Fedora
added 2021/08/07 1:14 a.m. | 108 views

[SECURITY] Fedora 33 Update: curl-7.71.1-10.fc33

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

CVSS 6.5 | AI score 6.9 | EPSS 0.0627 | Exploits: 5

OSV
added 2021/08/05 8:15 p.m. | 2 views

CVE-2021-29974

When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security which implies that the error should not be override-able. This issue did not...

CVSS 4.3 | AI score 7.4 | EPSS 0.0084 | Exploits: 0 | References: 3

Debian CVE
added 2021/08/05 7:46 p.m. | 32 views

CVE-2021-29974

When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security which implies that the error should not be override-able. This issue did not...

CVSS 4.3 | AI score 7.1 | EPSS 0.0084 | Exploits: 0

Malwarebytes
added 2021/08/05 3:52 p.m. | 45 views

What is Tor?

Tor (The Onion Router) is free software used to keep your online communications safe and secure from outside observers. It’s designed to block tracking and eavesdropping, resist fingerprinting (where services tie your browser and device information to an identity), and to hide t...

AI score 6.8 | Exploits: 0

Malwarebytes
added 2021/08/04 2:25 p.m. | 42 views

Chrome casts away the padlock—is it good riddance or farewell?

It’s been an interesting journey for security messaging where browsers are concerned. Back in the day, many of the websites you’d visit on a daily basis weren’t secure. By secure, I mean that they didn’t use HTTPS. There was no padlock, which meant that the traffic between you and the website wasn...

AI score 6.6 | Exploits: 0

Ubuntu
added 2021/07/22 6:17 p.m. | 141 views

USN-5021-1: curl vulnerabilities

Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. CVE-2021-22898, CVE-2021-22925 Har...

CVSS 5.3 | AI score 6.5 | EPSS 0.0627 | Exploits: 3

NVD
added 2021/07/21 3:15 p.m. | 25 views

CVE-2021-2358

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Rest interfaces for Access Mgr. The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise Oracle Acces...

CVSS 4.9 | EPSS 0.01586 | Exploits: 0 | References: 1

Prion
added 2021/07/21 3:15 p.m. | 12 views

Design/Logic Flaw

Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: Siebel Core - Server Infrastructure. Supported versions that are affected are 21.5 and Prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Siebel CRM. Successf...

CVSS 7.1 | AI score 6 | EPSS 0.01517 | Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2021/07/21 12:0 a.m. | 53 views

Oracle Enterprise Manager Cloud Control (Jul 2021 CPU)

The 13.4.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory. - Vulnerability in the StorageTek Tape Analytics SW Tool product of Oracle Systems component: Software dom4j. The supported...

CVSS 9.8 | AI score 6.6 | EPSS 0.10618 | Exploits: 4 | References: 7

OPENSUSE Linux
added 2021/07/21 12:0 a.m. | 333 views

Security update for nextcloud (important)

openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2021:1068-1 Rating: important References: 1181445 1181803 1181804 1188247 1188248 1188249 1188250 1188251 1188252 1188253 1188254 1188255 1188256 Cross-References: CVE-2020-8293 CVE-2020-8294 CVE-2020-8295...

CVSS 9.8 | AI score 7.2 | EPSS 0.02309 | Exploits: 1 | References: 13

Vulnrichment
added 2021/07/20 10:43 p.m. | 15 views

CVE-2021-2368

Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: Siebel Core - Server Infrastructure. Supported versions that are affected are 21.5 and Prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Siebel CRM. Successf...

CVSS 5.9 | AI score 6.2 | EPSS 0.01517 | Exploits: 0 | References: 1

CVE
added 2021/07/20 10:43 p.m. | 59 views

CVE-2021-2368

CVE-2021-2368 affects Oracle Siebel CRM (Siebel Core - Server Infrastructure). Affected: Siebel CRM version 21.5 and earlier. Description: unauthenticated attacker over HTTPS can access or compromise data; impact is unauthorized access to data. Connected sources also reference additional context ...

CVSS 7.1 | AI score 5.4 | EPSS 0.01517 | Exploits: 0 | References: 1 | Affected Software: 1