Lucene search
K

102 matches found

Openbugbounty
Openbugbounty
added 2020/09/18 5:17 p.m.10 views

junk-king.com Improper Access Control vulnerability OBB-1347566

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.7 views

In the GNU C Library (aka glibc or libc6) through 2.28 the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters which could lead applications to incorrectly assume that it had parsed a valid string without the possibility of embedded HTTP headers or other potentially dangerous substrings.

...

5.3CVSS5.9AI score0.00479EPSS
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/07/09 1:17 p.m.22 views

Cleaner One Pro Speeds Up Your Mac: Part 1

The Mac has always been pretty easy to use, but even the most ardent Mac supporters know there comes a time when their Mac is no longer new and they notice slowdowns in its performance, particularly after intensive use. They’d like a handy one-stop tool to help them optimize memory and CPU...

Exploits0
Kitploit
Kitploit
added 2020/05/13 12:30 p.m.149 views

Kaiten - A Undetectable Payload Generation

A Undetectable Payload Generation. This tool is for educational purpose only, usage of Kaiten for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage cause by this program. Official Kaiten Repository. What is i...

7.3AI score
Exploits0References1
Securelist
Securelist
added 2020/04/30 11:0 a.m.136 views

APT trends report Q1 2020

For more than two years, the Global Research and Analysis Team GReAT at Kaspersky has been publishing quarterly summaries of advanced persistent threat APT activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and...

7.6CVSS9AI score0.52729EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/04/29 12:0 a.m.12 views

Linux: Assign an independent partition to application data

Dedicated application data must have an independent partition. If partitions are improperly set, junk data or logs may fill the entire hard disk, causing the crash of the entire system. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources,...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/04/07 9:36 a.m.9 views

python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

7.5CVSS7.1AI score0.04979EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/04/01 8:39 a.m.4 views

python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

7.5CVSS7.1AI score0.04979EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2020/03/27 11:26 a.m.4 views

Hackers Used Local News Sites to Install Spyware On iPhones

A newly discovered watering-hole campaign is targeting Apple iPhone users in Hong Kong by using malicious website links as a lure to install spyware on the devices. According to research published by Trend Micro and Kaspersky, the "Operation Poisoned News " attack leverages a remote iOS exploit...

9.3CVSS7.6AI score0.17438EPSS
Exploits6
FreeBSD
FreeBSD
added 2020/02/24 12:0 a.m.23 views

sympa -- Denial of service caused by malformed CSRF token

Javier Moreno discovered a vulnerability in Sympa web interface that can cause denial of service DoS attack. By submitting requests with malformed parameters, this flaw allows to create junk files in Sympa's directory for temporary files. And particularly by tampering token to prevent CSRF, it...

7.5CVSS5.4AI score0.02843EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.5 views

The vulnerability of the difflib.IS_LINE_JUNK method in the Python interpreter allows a attacker to cause a service failure.

The vulnerability of the difflib.ISLINEJUNK method in the Python interpreter exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

7.8CVSS6.6AI score0.04979EPSS
Exploits0References17Affected Software4
RedHat Linux
RedHat Linux
added 2019/05/22 12:3 p.m.3 views

python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

7.5CVSS7.1AI score0.04979EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.28 views

EulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1246)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use th...

7.5CVSS6.3AI score0.05103EPSS
Exploits1References3
Wired Threat Level
Wired Threat Level
added 2019/02/08 12:0 p.m.123 views

Twitter Still Can't Keep Up With Its Flood of Junk Accounts, Study Finds

Iowa researchers built an AI engine they say can spot abusive apps on Twitter months before the service itself identifies them...

4.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2018/10/30 12:25 p.m.4 views

python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

7.5CVSS7.1AI score0.04979EPSS
Exploits0References5
0day.today
0day.today
added 2018/08/20 12:0 a.m.73 views

SEIG SCADA System 9 - Remote Code Execution Exploit

Exploit for windows platform in category remote exploits Title: SEIG SCADA SYSTEM 9 - Remote Code Execution Author: Alejandro Parodi Vendor Homepage: https://www.schneider-electric.com Software Link:...

10CVSS6.5AI score0.21262EPSS
Exploits8
CNVD
CNVD
added 2018/06/20 12:0 a.m.10 views

python denial of service vulnerability (CNVD-2018-24286)

Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in the difflib.ISLINEJUNK method in Python. An attacker can exploit this...

7.5CVSS7AI score0.04979EPSS
Exploits0References1
OSV
OSV
added 2018/06/19 12:29 p.m.4 views

ALPINE-CVE-2018-1061

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

7.5CVSS8.5AI score0.04979EPSS
Exploits0References1
OSV
OSV
added 2018/06/19 12:29 p.m.2 views

DEBIAN-CVE-2018-1061

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

7.5CVSS6.5AI score0.04979EPSS
Exploits0References1
OSV
OSV
added 2018/06/19 12:0 a.m.2 views

UBUNTU-CVE-2018-1061

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could use this flaw to cause denial of service...

7.5CVSS6.8AI score0.04979EPSS
Exploits0References5
Rows per page
Query Builder