RHEL 5 : iputils (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iputils: denial of service vulnerability in ping (CVE-2010-2529) Note that Nessus has not tested for this issue but h...
RHEL 4 : iputils (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iputils: denial of service vulnerability in ping (CVE-2010-2529) Note that Nessus has not tested for this issue but h...
RHEL 3 : iputils (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 3 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iputils: denial of service vulnerability in ping (CVE-2010-2529) Note that Nessus has not tested for this issue but h...
Exploit for Improper Access Control in Apache Hugegraph
CVE-2024-27348 For Ethical Usages only, Any harmful or malic...
CVE-2024-23316 PingAccess HTTP Request Desynchronization Weakness
HTTP request desynchronization in Ping Identity PingAccess (all versions prior to 8.0.1 are affected) allows an attacker to send specially crafted HTTP header requests to create a request smuggling condition for proxied requests...
CVE-2024-36907
...
DLink DIR < 2.17.b02 (SAP10018)
The version of DLink DIR installed on the remote host is prior to 2.17.b02. It is, therefore, affected by a vulnerability as referenced in the SAP10018 advisory. - Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router rev. Bx with firmware before 2.17b02 allow remote...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
CVE-2021-47309 net: validate lwtstate->data before returning from skb_tunnel_info()
In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate->data before returning from skb_tunnel_info() skb_tunnel_info() returns pointer of lwtstate->data as ip_tunnel_info type without validation. lwtstate->data can have various types such as mpls_iptunnel_encap, etc and these...
CVE-2021-47309
In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate->data before returning from skb_tunnel_info() skb_tunnel_info() returns pointer of lwtstate->data as ip_tunnel_info type without validation. lwtstate->data can have various types such as mpls_iptunnel_encap, etc and these...
CVE-2021-47309
CVE-2021-47309 affects the Linux kernel's net/tunnel code: skb_tunnel_info() may return a pointer to lwtstate->data without validating its type, risking out-of-bounds reads such as during VXLAN routing. Connected advisories (SUSE-SU-2024:2561-1 and related OSV/Nessus entries) confirm the fix i...
WordPress Dextaz Ping plugin <= 0.65 - Remote Code Execution (RCE) vulnerability
Remote Code Execution (RCE) vulnerability discovered by younsoung kim, SeoHyeon Lee, MyungJu Kim, SeoHee Kang in WordPress Plugin Dextaz Ping (versions <= 0.65)...
WordPress Dextaz Ping Plugin <= 0.65 is vulnerable to Remote Code Execution (RCE)
Software: Dextaz Ping; Type: Plugin; Vulnerable versions: <= 0.65; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Remote Code Execution (RCE); CVE: CVE-2024-34792; Patch priority: Low; CVSS severity: Low 9.1; Developer: Claim ownership; PSID: b6b4898f5dd2; Credits: younsoung kim, SeoHyeon Lee, MyungJu Kim,...
MAL-2024-1348 Malicious code in reduction-ping (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbede64ba115c6268078d2b037de0ce0d19de37f35559da7e9501d4bbb19d8c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ping-bot-reduction (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 605a96bff0b39813fe902ed7de4bfe3bf228835641c9d030cbec0a2a8b4f676b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1347 Malicious code in ping-bot-reduction (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 605a96bff0b39813fe902ed7de4bfe3bf228835641c9d030cbec0a2a8b4f676b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in reduction-ping (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbede64ba115c6268078d2b037de0ce0d19de37f35559da7e9501d4bbb19d8c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-33793
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...