1445 matches found

Tenable Nessus
added 2021/01/12 12:0 a.m. | 26 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : coTURN vulnerability (USN-4690-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4690-1 advisory. It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user...

CVSS 7.2 | AI score 7.2 | EPSS 0.01282
Exploits 3 | References 2
Ubuntu
added 2021/01/11 9:19 p.m. | 112 views

USN-4690-1: coTURN vulnerability

It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface...

CVSS 7.2 | AI score 7.2 | EPSS 0.01282
Exploits 3
OSV
added 2021/01/11 9:19 p.m. | 1 view

USN-4690-1 coturn vulnerability

It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface...

CVSS 7.2 | AI score 7 | EPSS 0.01282
Exploits 3 | References 2
Debian
added 2021/01/11 1:57 p.m. | 29 views

[SECURITY] [DSA 4829-1] coturn security update

Debian Security Advisory DSA-4829-1 | https://www.debian.org/security/ | Salvatore Bonaccorso | January 11, 2021 | https://www.debian.org/security/faq ...

CVSS 6.4 | AI score 2 | EPSS 0.01282
Exploits 3
UbuntuCve
added 2021/01/11 12:0 a.m. | 16 views

CVE-2020-26262

Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. However, it was observed that when sending a CONNECT request with the XOR-PEER-ADDRESS value...

CVSS 7.2 | AI score 6.9 | EPSS 0.01282
Exploits 3 | References 3
Packet Storm
added 2021/01/11 12:0 a.m. | 363 views

Coturn 4.5.1.x Access Control Bypass

Loopback access control bypass in coturn by using 0.0.0.0, ::1 or :: as the peer address - Fixed version: 4.5.2 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass - Coturn Security Advisory:...

AI score 0.6 | EPSS 0.01282
Exploits 3
0day.today
added 2021/01/11 12:0 a.m. | 70 views

Coturn 4.5.1.x Access Control Bypass Vulnerability

Loopback access control bypass in coturn by using 0.0.0.0, ::1 or :: as the peer address - Fixed version: 4.5.2 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass - Coturn...

CVSS 7.2 | AI score 7.1 | EPSS 0.01282
Exploits 3
OSV
added 2021/01/11 12:0 a.m. | 1 view

UBUNTU-CVE-2020-26262

Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. However, it was observed that when sending a CONNECT request with the XOR-PEER-ADDRESS value...

CVSS 7.2 | AI score 7 | EPSS 0.01282
Exploits 3 | References 4
Exploit DB
added 2021/01/08 12:0 a.m. | 504 views

Cockpit Version 234 - Server-Side Request Forgery (Unauthenticated)

Exploit Title: Cockpit Version 234 - Server-Side Request Forgery Unauthenticated Date: 08.01.2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://cockpit-project.org/ Version: v234 Tested on: Ubuntu 18.04 !/usr/bin/python3 import argparse import requests import sys import urllib3...

AI score 7.4
Exploits 0
NVD
added 2020/12/31 10:15 a.m. | 22 views

CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVSS 9.8 | AI score 9.8 | EPSS 0.02774
Exploits 0 | References 1
OSV
added 2020/12/31 10:15 a.m. | 5 views

DEBIAN-CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVSS 9.8 | AI score 9.1 | EPSS 0.02774
Exploits 0 | References 1
OSV
added 2020/12/31 10:15 a.m. | 11 views

CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVSS 9.8 | AI score 7.8
Exploits 0 | References 1
UbuntuCve
added 2020/12/31 10:15 a.m. | 20 views

CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVSS 9.8 | AI score 7.6 | EPSS 0.02774
Exploits 0 | References 3
OSV
added 2020/12/31 10:15 a.m. | 6 views

UBUNTU-CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVSS 9.8 | AI score 7.7 | EPSS 0.02774
Exploits 0 | References 4
Debian CVE
added 2020/12/31 8:29 a.m. | 18 views

CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVSS 9.8 | AI score 9.8 | EPSS 0.02774
Exploits 0
Cvelist
added 2020/12/31 8:29 a.m. | 32 views

CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

AI score 9.8 | EPSS 0.02774
Exploits 0 | References 1
CNNVD
added 2020/12/31 12:0 a.m. | 7 views

Rust Code Injection Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust hyper crate before 0.12.34, which stems from the possibility of HTTP request smuggling. In some cases, remote code can be executed using an HTTP server on a loopback...

CVSS 9.8 | AI score 6.1 | EPSS 0.02774
Exploits 0 | References 2
CNVD
added 2020/12/22 12:0 a.m. | 3 views

IBM Loopback Injection Vulnerability

IBM Loopback is a Node.js-based API framework from IBM (U.S.). The framework lets Node.js applications interact with most major databases, iOS, Android and other devices, data sources, and configuration sources. Loopback version 8.0.0 suffers from an injection vulnerability that allows an attacke...

CVSS 9.8 | AI score 7.5 | EPSS 0.01448
Exploits 0 | References 1
OSV
added 2020/12/21 6:15 p.m. | 2 views

CVE-2020-4988

Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. IBM X-Force ID: 192706...

CVSS 9.8 | AI score 7.2 | EPSS 0.01448
Exploits 0 | References 1
NVD
added 2020/12/21 6:15 p.m. | 11 views

CVE-2020-4988

Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. IBM X-Force ID: 192706...

CVSS 9.8 | AI score 7.8 | EPSS 0.01448
Exploits 0 | References 1