5 matches found
GHSA-VVWP-3F54-XC39 Downloads Resources over HTTP in broccoli-closure
Affected versions of broccoli-closure insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on t...
Xxe
K9Mail version = v5.600 contains a XML External Entity XXE vulnerability in WebDAV response parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious WebDAV server or intercept the reponse of a valid WebDA...
DLink DIR-601 - Credential Disclosure
DLink DIR-601 - Credential Disclosure Exploit Title: DLink DIR-601 - Credential Disclosure Google Dork: N/A Date: 2018-06-24 Exploit Author: Kevin Randall Vendor Homepage: https://www.dlink.com Software Link: N/A Version: Firmware: 2.02NA Hardware Version B1 Tested on: Windows 10 + Mozilla Firefo...
Downloads Resources over HTTP
Overview Affected versions of co-cli-installer insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...
Downloads Resources over HTTP
Overview Affected versions of macaca-chromedriver-zxa insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in cod...