13 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-56658
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free i...
UBUNTU-CVE-2025-21766
In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in iprtupdatepmtu iprtupdatepmtu must use RCU protection to make sure the net structure it reads does not disappear...
CVE-2024-56658 net: defer final 'struct net' free in netns dismantle
In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dstdestroy 1 Issue is in xfrm6netinit and xfrm4netinit : They copy xfrm46dstopstemplate into net-xfrm.xfrm46dstops. But net structure...
PT-2024-34: Server Side Request Forgery (SSRF) in Passwork
The vulnerability was identified in Passwork version 6.4.0. The discovered vulnerability can be exploited by an attacker to send requests to both external nodes and servers with limited access, which leads to disclosure of sentisive data, denial of service, etc. Also, exploitation of the...
FreeBSD : squid -- Exposure of sensitive information in cache manager (f9ada0b5-3d80-11ed-9330-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f9ada0b5-3d80-11ed-9330-080027f5fec9 advisory. - Mikhail Evdokimov aka konata reports: Due to inconsistent handling of internal URIs Squid is vulnerab...
CVE-2019-17511
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via logget.php, which could be used to discover the intranet network structure...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
US-CERT Warns of Issues With DNS Zone Transfer Requests
The US-CERT is warning administrators and network operators that a misconfiguration issue with some DNS servers that has been known about for more than 15 years and can give attackers detailed information about DNS zones is coming back around thanks to new scans that show a high number of servers...
Sun Java Web Server 1.1 Beta Viewable .jhtml Source Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1891/info A vulnerability exists in Sun Microsystems' JavaWebServer for Win32, version 1.1Beta. JavaWebServer is a Java-oriented web application development platform. If a URL is submitted requesting a .jhtml file an HTML...
Forensic FOCA - Power of Metadata in digital forensics
Forensic FOCA - Power of Metadata in digital forensics Most of the e ort in today's digital forensics community lies in the retrieval and analysis of existing information from computing systems. Metadata is data about data. Metadata plays a number of important roles in computer forensics. It can...
Large power online online distance learning platform 0DAY National Electrical chase to eat)-vulnerability warning-the black bar safety net
Brief description: Long time of vulnerability, the vendor iswww.open.edu.cn, today finishing the blog found this 0day can also use the publication to the next. A plurality of injection vulnerabilities, filtering and etc. but can bypass the database connection configuration file is exposed,...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
Large enterprises within the network penetration of the common software has a breaking point-vulnerability warning-the black bar safety net
Some enterprise-level network, especially in Europe and the United States of large companies, the network structure of the General characteristics is the dmz Zone and the internal network is substantially isolated from the domain into the clear, the permissions are set meticulous and strict,...