1467 matches found

Tenable Nessus
added 2020/09/28 12:0 a.m. · 43 views

EulerOS 2.0 SP3 : bind (EulerOS-SA-2020-2063)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker...

8.6 CVSS · 6.8 AI score · 0.92629 EPSS
Exploits 6 · References 4

OSV
added 2020/09/18 2:15 p.m. · 14 views

CVE-2020-15768

An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote attackers to obtain authentication cookies, if they are able to discover a separate XSS vulnerability. This...

7.5 CVSS · 6.3 AI score · 0.00509 EPSS
Exploits 0 · References 2

NVD
added 2020/09/18 2:15 p.m. · 17 views

CVE-2020-15768

An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote attackers to obtain authentication cookies, if they are able to discover a separate XSS vulnerability. This...

7.5 CVSS · 0.00509 EPSS
Exploits 0 · References 2

Cvelist
added 2020/09/18 1:12 p.m. · 17 views

CVE-2020-15768

An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote attackers to obtain authentication cookies, if they are able to discover a separate XSS vulnerability. This...

7.4 AI score · 0.00509 EPSS
Exploits 0 · References 2

Positive Technologies
added 2020/09/18 12:0 a.m. · 2 views

PT-2020-14615 · Gradle · Gradle Enterprise +1

Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions 2017.3 through 2020.2.4 Gradle Enterprise Build Cache Node versions 1.0 through 9.2 Description: An issue in Gradle Enterprise allows remote attackers to obtain authentication cookies through unrestricted HTTP heade...

7.5 CVSS · 7.4 AI score · 0.00509 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2020/09/08 12:0 a.m. · 242 views

EulerOS Virtualization for ARM 64 3.0.2.0 : bind (EulerOS-SA-2020-1953)

According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This fla...

8.6 CVSS · 6.6 AI score · 0.92629 EPSS
Exploits 6 · References 3

Packet Storm
added 2020/09/04 12:0 a.m. · 498 views

ManageEngine Applications Manager Authenticated Remote Code Execution

!/usr/bin/python3 Exploit Title: ManageEngine Applications Manager - Authenticated RCE via Java class reflection in Weblogic server test credential API Google Dork: None Date: 04-09-2020 Exploit Author: Hodorsec Vendor Homepage: https://manageengine.co.uk Vendor Vulnerability Description:...

0.7 AI score · 0.44106 EPSS
Exploits 4

Tenable Nessus
added 2020/09/02 12:0 a.m. · 38 views

EulerOS 2.0 SP5 : bind (EulerOS-SA-2020-1916)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or...

8.6 CVSS · 6.7 AI score · 0.92629 EPSS
Exploits 6 · References 3

Gitee
added 2020/09/01 9:22 a.m. · 2 views

ysoserial

This is a Java tool called ysoserial, which is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool is designed to create payloads that can be used to execute arbitrary code on a Java application that performs unsafe deserialization of objects...

8 AI score
Exploits 0

OSV
added 2020/08/31 3:15 p.m. · 3 views

CVE-2020-13655

An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected...

6.1 CVSS · 6.4 AI score · 0.00359 EPSS
Exploits 1 · References 2

NVD
added 2020/08/26 4:15 p.m. · 7 views

CVE-2020-13821

An issue was discovered in HiveMQ Broker Control Center 4.3.2. A crafted clientid parameter in an MQTT packet sent to the Broker is reflected in the client section of the management console. The attacker's JavaScript is loaded in a browser, which can lead to theft of the session and cookie of the...

5.4 CVSS · 5.5 AI score · 0.00343 EPSS
Exploits 0 · References 2

Cvelist
added 2020/08/26 3:23 p.m. · 13 views

CVE-2020-13821

An issue was discovered in HiveMQ Broker Control Center 4.3.2. A crafted clientid parameter in an MQTT packet sent to the Broker is reflected in the client section of the management console. The attacker's JavaScript is loaded in a browser, which can lead to theft of the session and cookie of the...

5.5 AI score · 0.00343 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2020/08/19 12:0 a.m. · 57 views

Fedora 32 : php (2020-96124cc236)

PHP version 7.4.9 06 Aug 2020 Apache: - Fixed bug php79030 Upgrade apache2handler's phpapachesapigetrequesttime to return usec. Herbert256 Core: - Fixed bug php79740 serialize and unserialize methods can not be called statically. Nikita - Fixed bug php79783 Segfault in phpstrreplacecommon. Nikita...

4.8 CVSS · 6.9 AI score · 0.00754 EPSS
Exploits 1 · References 2

RedHat Linux
added 2020/08/18 4:30 p.m. · 4 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector...

8.6 CVSS · 6.7 AI score · 0.1534 EPSS
Exploits 1 · References 6

RedHat Linux
added 2020/08/18 9:15 a.m. · 4 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector...

8.6 CVSS · 6.7 AI score · 0.1534 EPSS
Exploits 1 · References 6

RedHat Linux
added 2020/08/12 11:45 a.m. · 4 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector...

8.6 CVSS · 6.7 AI score · 0.1534 EPSS
Exploits 1 · References 6

RedHat Linux
added 2020/08/10 9:9 a.m. · 2 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector...

8.6 CVSS · 6.7 AI score · 0.1534 EPSS
Exploits 1 · References 6

RedHat Linux
added 2020/08/10 9:9 a.m. · 3 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector...

8.6 CVSS · 6.7 AI score · 0.1534 EPSS
Exploits 1 · References 6

RedHat Linux
added 2020/08/03 11:42 a.m. · 0 views

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector...

8.6 CVSS · 6.7 AI score · 0.1534 EPSS
Exploits 1 · References 6

NVD
added 2020/07/09 2:15 a.m. · 20 views

CVE-2020-5604

Android App 'Mercari' Japan version prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView...

8.1 CVSS · 0.01475 EPSS
Exploits 0 · References 1