69 matches found
Cross site scripting
Cudy LT400 1.13.4 is vulnerable Cross Site Scripting XSS in /cgi-bin/luci/admin/network/bandwidth via the icon parameter...
CVE-2023-31853
Cudy LT400 1.13.4 is vulnerable Cross Site Scripting XSS in /cgi-bin/luci/admin/network/bandwidth via the icon parameter...
CVE-2023-31853
CVE-2023-31853 affects Cudy LT400 firmware 1.13.4 with a Cross-Site Scripting (XSS) vulnerability in the /cgi-bin/luci/admin/network/bandwidth endpoint via the icon parameter. The issue is confirmed by multiple sources; PoC/exploit content exists showing reflected XSS and highlighting potential a...
K41515225: BIG-IP SSL connection security exposure
Security Advisory Description On a virtual server configured with both Client SSL and Server SSL profiles, when receiving a TCP FIN midstream in an SSL connection, the BIG-IP system immediately proxies the FIN to the remote host on the peer side. If the remote host on the peer side acknowledges t...
Fedora: Security Advisory for trojita (FEDORA-2022-46fefaadfd)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DDoS attacks on VoIP and the urgent need for DDoS protection
VoIP companies have recently been the target of a series of ransom Distributed Denial of Service DDoS attacks around the globe with UK-based VoIP providers including VoIP Unlimited, and Quebec-based company VoIP.ms being hit by aggressive and sustained attacks destabilizing their infrastructure a...
IBM i Resource Management Error Vulnerability
IBM i is a set of operating systems from IBM in the United States that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i SMTP, which can be exploited by an attacker to consume network bandwidth and disk space that may not be necessary and send spam...
IBM i 资源管理错误漏洞
IBM i is a set of operating systems from IBM in the United States that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i SMTP, which can be exploited by an attacker to consume network bandwidth and disk space that may not be necessary and send spam...
Dive Deep into VMDR
Qualys devoted the second day of the Qualys Security Conference entirely to vulnerability management, detection and response VMDR, a critical area for the security and compliance of hybrid cloud IT environments. Mehul Revankar, VP of Product Management and Engineering for VMDR at Qualys, set the...
Dive Deep into VMDR
Qualys devoted the second day of the QSC USA 2020 virtual conference entirely to vulnerability management, detection and response VMDR, a critical area for the security and compliance of hybrid cloud IT environments. Mehul Revankar, VP of Product Management and Engineering for VMDR at Qualys, set...
NBMonitor Network Bandwidth Monitor 1.6.5.0 - Name Denial of Service Exploit
Exploit Title: NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service PoC Author: Luis Martinez Vendor Homepage: www.nsauditor.com Software Link : http://www.nbmonitor.com/downloads/nbmonitorsetup.exe Tested Version: 1.6.5.0 Vulnerability Type: Denial of Service DoS Local Tested o...
NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)
Exploit Title: NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service PoC Author: Luis Martinez Date: 2018-12-27 Vendor Homepage: www.nsauditor.com Software Link : http://www.nbmonitor.com/downloads/nbmonitorsetup.exe Tested Version: 1.6.5.0 Vulnerability Type: Denial of Service D...
Simple tc Command Wrapper Tool: tcconfig
Simple tc Command Wrapper Tool A Simple tc command wrapper tool. Easy to set up traffic control of network bandwidth/latency/packet-loss to a network interface. Traffic control features Traffic shaping target Apply traffic shaping rules to specific target: Outgoing/Incoming packets Certain IP...
All Drupal Versions Open to Code Execution, Credential Theft Vulnerabilities
A number of issues exist in the content management system Drupal that could lead to code execution and the theft of database credentials via a man-in-the-middle attack, a researcher warns. The vulnerabilities lie in the way Drupal processes updates, according to Fernando Arnaboldi, senior securit...
Network Security Toolkit: NST
Network Security Toolkit NST is a bootable ISO image Live DVD based on Fedora providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x8664 platforms. The main intent of developing this toolkit was to provide the security professional and networ...
[SECURITY] Fedora 22 Update: xpra-0.15.6-1.fc22
Xpra is "screen for X": it allows you to run X programs, usually on a remote host, direct their display to your local machine, and then to disconnect fr om these programs and reconnect from the same or another machine, without losi ng any state. It gives you remote access to individual...
[SECURITY] Fedora 23 Update: xpra-0.15.6-1.fc23
Xpra is "screen for X": it allows you to run X programs, usually on a remote host, direct their display to your local machine, and then to disconnect fr om these programs and reconnect from the same or another machine, without losi ng any state. It gives you remote access to individual...
Sadly, Windows 10 Is Stealing Your Bandwidth 'By Default' — Disable It Immediately
After installing Windows 10, Feeling like your Internet Bandwidth is dropping away? Windows 10 is stealing your network bandwidth. Along with the privacy features related to Wi-Fi Sense, Windows 10 users should check for another hidden by default feature that uses your network bandwidth to share...
Amazon Linux AMI : tomcat6 (ALAS-2014-344)
It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this fla...
ID Software Quake 3 "smurf attack" Denial of Service vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3060/info Quake 3 network play features contain a remotely exploitable denial of service vulnerability. A hostile client program can be used by to generate a large number of forged client queries on behalf of a target use...