15 matches found
EUVD-2019-16223
Malware in sbrugna...
EUVD-2020-30801
Malware in sbrugna...
CVE-2020-36851
Rob--W cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary targets SSRF. Because the proxy forwards requests and headers, an attacker can reach internal-only endpoints and link-local metadata services,...
PT-2025-39389
Name of the Vulnerable Software and Affected Versions cors-anywhere affected versions not specified Description Instances of cors-anywhere configured as an open proxy permit unauthenticated external users to initiate HTTP requests to arbitrary targets, leading to Server-Side Request Forgery SSRF...
CVE-2019-6664
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices...
K03126093: TMOS vulnerability CVE-2019-6664
Security Advisory Description On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices. CVE-2019-6664 Impact BIG-IP The default firewall rules for the management interface are not reliably reinstalled after fir...
Cloudflare Public Bug Bounty: Using special IPv4-mapped IPv6 addresses to bypass local IP ban
Vulnerability description not provided...
Microsoft Azure Real Time Operating System 权限许可和访问控制问题漏洞
Microsoft Azure is an open, enterprise-class cloud computing platform from Microsoft Corporation USA.A privilege permission and access control issue vulnerability exists in Microsoft Azure RTOS. The vulnerability stems from a lack of effective privilege permission and access control measures on t...
ABB Symphony Plus Operations Access Control Error Vulnerability
ABB Symphony Plus Operations is a management device from ABB Switzerland for improving operational efficiency in industrial environments. The appliance provides an easy-to-use human-machine interface that seamlessly integrates all plant equipment and subsystems using industry-standard protocols a...
Demonstrate Commitment, Differentiate Services, Develop Opportunities
Everything's mobile -- especially today, when running a business is harder than ever -- and responsiveness is everything. Staying ahead of the curve means workers may need to operate in "always available" mode, relying on their phone for business-related tasks, regardless of where they may be. Th...
CVE-2019-6664
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices...
Design/Logic Flaw
On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices...
CVE-2019-6664
CVE-2019-6664 affects F5 BIG-IP TMOS on versions 15.0.0 and 14.1.0–14.1.0.6. The issue is that under certain conditions, the default firewall rules for the management port are not reliably reinstalled after first boot, potentially exposing the management interface. According to the vendor securit...
The Rogue Toolkit - An Extensible Toolkit Aimed At Providing Penetration Testers An Easy-To-Use Platform To Deploy Access Points
The Rogue Toolkit is an extensible toolkit aimed at providing penetration testers an easy-to-use platform to deploy software-defined Access Points AP for the purpose of conducting penetration testing and red team engagements. By using Rogue, penetration testers can easily perform targeted evil tw...
Wireless IP Camera (P2P) WIFICAM 'Cloud' Feature Design Flaw Vulnerability
Wireless IP Camera P2P WIFICAM is a wireless IP camera. A design flaw exists in the Wireless IP Camera P2P WIFICAM 'Cloud' feature, where the camera provides a 'Cloud' feature that is enabled by default, allowing consumers to bypass NAT and firewalls by managing the device over the network using ...