EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-2049)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3...

User Profile Picture < 2.6.0 - Arbitrary User Picture Change/Deletion via IDOR

The plugin was affected by an IDOR issue, allowing users with the uploadimage capability by default author and above to change and delete the profile pictures of other users including those with higher roles. PoC Use a proxy such as Burp Suite to capture the request made when change your own...

Command Injection in sofianehamlaoui/lockdoor-framework

✍️ Description CI in Spaghetti function when it asks for proxy. 🕵️‍♂️ Proof of Concept // PoC https://drive.google.com/file/d/1R8R261eHUPVK6BQRsemaU5CI3QpCI8d-/view?usp=sharing 💥 Impact command run as root. So an attacker could do potential damage to the machine...

CVE-2021-29954

Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud mozillareality/reticulum/1.0.1/20210428201255...

Design/Logic Flaw

Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud mozillareality/reticulum/1.0.1/20210428201255...

Node.js: HTTP Request Smuggling due to accepting space before colon

Summary: The llhttp parser in the httpmodule in Node 16.3.0 accepts requests with a space SP right after the header name before the colon. This can lead to HTTP Request Smuggling HRS. Description: When Node receives the following request: GET / HTTP/1.1 Host: localhost:5000 Content-Length : 5 hel...

[SECURITY] Fedora 33 Update: squid-4.15-1.fc33

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

SUSE: Security Advisory (SUSE-SU-2019:0414-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:0347-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1610-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-32670

Datasette is an open source multi-tool for exploring and publishing data. The ?trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability. This vulnerability is particularly relevant if your Datasette installation...

PYSEC-2021-89

Datasette is an open source multi-tool for exploring and publishing data. The ?trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability. This vulnerability is particularly relevant if your Datasette installation...

Reflected cross-site scripting issue in Datasette

Impact The ?trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability. This vulnerability is particularly relevant if your Datasette installation includes authenticated features using plugins such as...

Important: nginx:1.18 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 For more details about the...

EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2021-1969)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad...

403Fuzzer - Fuzz 403/401Ing Endpoints For Bypasses

Fuzz 403ing endpoints for bypasses Follow on twitter! @intrudir This tool will check the endpoint with a couple of headers such as X-Forwarded-For It will also apply different payloads typically used in dir traversals, path normalization etc. to each endpoint on the path. e.g. /%2e/test/test2...

[SECURITY] [DSA 4924-1] squid security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4924-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2021 https://www.debian.org/security/faq -...

IMAPLoginTester - Script That Reads A Text File With Lots Of E-Mails And Passwords, And Tries To Check If Those Credentials Are Valid By Trying To Login On IMAP Servers

IMAPLoginTester is a simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login to the respective IMAP servers. Usage: usage: imaplogintester.py -h -i INPUT -o OUTPUT -s -t SLEEPTIME -T TIMEOUT -P SOCKS5PROX...

CVE-2021-29492

Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. /something%2F..%2Fadmin, to bypass access control, e.g. a block on /admin. A...

CVE-2021-32642

radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...