GOM Player 2.3.90.5360 - Remote Code Execution (RCE)

Exploit Title: GOM Player 2.3.90.5360 - Remote Code Execution RCE Date: 26.08.2023 Author: M. Akil Gündoğan Contact: https://twitter.com/akilgundogan Vendor Homepage: https://www.gomlab.com/gomplayer-media-player/ Software Link: https://cdn.gomlab.com/gretech/player/GOMPLAYERGLOBALSETUPNEW.EXE...

CVE-2023-1584

A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provide...

CVE-2023-23914

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is...

Security Bulletin: IBM CICS TX Standard is vulnerable to attack due to missing or insecurely formatted HTTP headers (CVE-2022-34316).

Summary IBM CICS TX Standard could allow an attack due to missing or insecurely formatted HTTP headers. The fix removes this vulnerability CVE-2022-34316 from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2022-34316 DESCRIPTION: IBM CICS TX does not neutralize or incorrectly neutralizes w...

phpIPAM 跨站脚本漏洞

phpIPAM is an open source PHP and MySQL-based IP address management application IPAM. phpIPAM versions prior to 1.5.1 are vulnerable to a cross-site scripting vulnerability, which stems from cross-site scripting when the application responds in an insecure manner to data after receiving an HTTP...

Information Disclosure

curl is vulnerable to Information Disclosure. An attacker may force the library to use an insecure clear-text HTTP step even when HTTPS is provided in the URL. The HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts ...

Information Disclosure

thorsten/phpmyfaq is vulnerable to information disclosure.The vulnerability exists in the setCookie function of session.php due to insecure HTTP cookies without the 'secure' attribute which allows an attacker to gain access to sensitive information...

Command injection

Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP reque...

follow-redirects: Exposure of Sensitive Information via Authorization Header leak

A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle...

Information Disclosure

Rdiffweb is vulnerable to Sensitive Information Disclosure. The vulnerability exists due to an incomplete fix of CVE-2022-3174 which causes session cookies instantiated without the Secure attribute when the provided url is invalid. This flaw allows the transport of user cookies over insecure HTTP...

Sensitive Information Disclosure

Rdiffweb is vulnerable to Sensitive Information Disclosure. The vulnerability is due to session cookies instantiated without the "Secure" attribute. This flaw allows the transport of user cookies over insecure HTTP...

CVE-2022-30309

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection...

DEBIAN-CVE-2022-30115

Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or th...

Security Bulletin: IBM InfoSphere Master Data Management Server is vulnerable to Insecure HTTP Method - TRACE discovered in MDM User Interface (CVE-2016-9718)

Summary IBM InfoSphere Master Data Management is vulnerable to a cross-site scripting Attack and could allow users to embed arbitrary JavaScript code in MDM User Interfaces and lead to disclosure of credentials. Insecure HTTP Method - TRACE discovered in MDM User Interface affects Inspector and W...

Internet Bug Bounty: CVE-2022-27776: Auth/cookie leak on redirect

Summary: curl/libcurl can be coaxed to leak Authorization / Cookie headers by redirecting request to http:// URL on the same host. Successful exploitation requires that the attacker can either Man-in-the-Middle the connection or can access the traffic at the recipient side for example by...

WSVuls - Website Vulnerability Scanner Detect Issues (Outdated Server Software And Insecure HTTP Headers)

WSVuls Website vulnerability scanner detect issues outdated server software and insecure HTTP headers. What's WSVuls? WSVuls is a simple and powerful command line tool for Linux, Windows and macOS. It's designed for developers/testers and for those workers in IT who want to test vulnerabilities a...

Information Disclosure

cobbler is vulnerable to information disclosure. The vulnerability exists due to the cleartext transmission of data through the insecure HTTP protocol, allowing an attacker to gain sensitive information...

CVE-2022-0536

A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle...

Design/Logic Flaw

Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only...

Security update for nim (moderate)

openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2021:0618-1 Rating: moderate References: 1185083 1185084 1185085 Cross-References: CVE-2021-21372 CVE-2021-21373 CVE-2021-21374 CVSS scores: CVE-2021-21374 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affecte...