9 matches found
Node.js: node.js process aborts when processing x509 certs with invalid public key information
A vulnerability existed in Node.js versions 18.14.2 and 19.7.0 that allowed malicious actors to cause a denial-of-service DoS by providing x509 certificates with invalid public key information. This vulnerability could lead to the termination of the Node.js process, resulting in interruptions to...
U.S. Dept Of Defense: Email exploitation with web hosting services.
A vulnerability allowed an attacker to send emails to anyone using an organization's email list and to its people by uploading a PHP file to the public HTML. The vulnerability could result in reputation loss, phishing attacks, and the theft of internal information. Mitigation measures were not...
Socialhunter - Crawls The Website And Finds Broken Social Media Links That Can Be Hijacked
Crawls the given URL and finds broken social media links that can be hijacked. Broken social links may allow an attacker to conduct phishing attacks. It also can cost a loss of the company's reputation. Broken social media hijack issues are usually accepted on the bug bounty programs. Currently, ...
X (Formerly Twitter): Github Account hijack through broken link in developer.twitter.com
Description A link in https://developer.twitter.com/en/docs/twitter-api/tools-and-libraries was broken and anyone could create that account which leads to account impersonate Steps To Reproduce 1 Visit https://developer.twitter.com/en/docs/twitter-api/tools-and-libraries 2 Scroll down to...
Tax time again: IT security for accounting firms
As the end of another busy tax season approaches, it is important for accounting firms to remember their obligations related to data security. Accounting firms maintain a significant amount of data on behalf of their own employees and clients. These firms house financial records, tax information,...
Paragon Initiative Enterprises: Email spoofing
There are few email spoofing tool is available free.one them is http://emkei.cz/ when I tried to send a email from [email protected] to my email ,it was successful but when i tried to send the another from [email protected] , i did not receive any email.Hence, there might be some...
Flox: Email spoofing configuration missing
Email spoofing in flox.io buddypress.org bbpress.org There are few email spoofing tool is available free.one them is http://emkei.cz/ when I tried to send a email from [email protected] or [email protected] or [email protected] to my email ,it was successful but when i tried to send the another fr...
HackerOne: Email spoofing
There are few email spoofing tool is available free.one them is http://emkei.cz/ when I tried to send a email from ███████ to my email ,it was successful but when i tried to send the another from ██████ , i did not receive any email.Hence, there might be some configuration missing in your mail...
SAP NetWeaver MMR — Denail of Service
Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.0 metamodel repository Vendor URL: Bugs: Denial of service Exploits: YES Reported: 15.02.2010 Vendor response: 15.02.2010 Date of Public Advisory: 09.11.2010 Author: Alexandr Polyakov Description SAP Netweaver Metamodel Repository can ...