7077 matches found
CVE-2023-36827
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...
PYSEC-2023-107
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...
CVE-2023-36827 Fides vulnerable to Path Traversal in Webserver API
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...
CVE-2023-36827 Fides vulnerable to Path Traversal in Webserver API
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...
CVE-2023-36827 Fides vulnerable to Path Traversal in Webserver API
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...
PT-2023-25716 · Fides · Fides
Name of the Vulnerable Software and Affected Versions: Fides versions prior to 2.15.1 Description: A path traversal vulnerability affects Fides, allowing remote attackers to access arbitrary files on the Fides webserver container's filesystem. If the Fides webserver API is deployed behind a rever...
FuguHub 8.1 - Remote Code Execution Exploit
Exploit Title: FuguHub 8.1 - Remote Code Execution Date: 6/24/2023 Exploit Author: redfire359 Vendor Homepage: https://fuguhub.com/ Software Link: https://fuguhub.com/download.lsp Version: 8.1 Tested on: Ubuntu 22.04.1 CVE : CVE-2023-24078 import requests from bs4 import BeautifulSoup import...
Exploit for OS Command Injection in Cacti
Cacti v1.2.24 authenticated command injection CVE-2023-39362...
The vulnerability of the Reverse Proxy Auth plugin for Jenkins allows a hacker to execute a CSRF attack.
The vulnerability of the Jenkins Reverse Proxy Auth plugin is related to the manipulation of cross-site requests. Exploiting this vulnerability can allow a attacker to execute a CSRF attack...
spring-boot: Spring Boot Welcome Page DoS Vulnerability
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...
Exploit for OS Command Injection in Easynas
CVE-2023-0830: EasyNAS 1.1.0 Authenticated OS Command Injectio...
keycloak: Untrusted Certificate Validation
A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...
keycloak: Untrusted Certificate Validation
A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...
Exploit for Path Traversal in Microsoft
CVE-2022-4510-Binwalk This script allows you to generate expl...
golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...
Fedora: Security Advisory for trafficserver (FEDORA-2023-92686b3e8b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A malicious client can cause an error against the destination's size limit, which would incorrectly be attributed to the destination rather than the client. This could allow an attacker to send large amounts of da...
CVE-2023-33141
Yet Another Reverse Proxy YARP Denial of Service Vulnerability...
CVE-2023-33141
Yet Another Reverse Proxy YARP Denial of Service Vulnerability...
CVE-2023-33141
Yet Another Reverse Proxy YARP Denial of Service Vulnerability...