7082 matches found

Cvelist
added 2020/12/17 10:43 p.m., 15 views

CVE-2020-12519 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use this vulnerability i.e. to open a reverse shell with root privileges.

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges...

CVSS 8.8, AI score 9.4, EPSS 0.00851
Exploits: 0, References: 1
OSV
added 2020/12/17 12:0 p.m., 34 views

RUSTSEC-2020-0093 Async-h1 request smuggling possible with long unread bodies

This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content starting at...

CVSS 7.5, AI score 6.5, EPSS 0.01008
Exploits: 0, References: 3
RustSec
added 2020/12/17 12:0 p.m., 21 views

Async-h1 request smuggling possible with long unread bodies

This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content starting at...

AI score 0.3
Exploits: 0, Affected Software: 1
RedHat Linux
added 2020/12/17 5:43 a.m., 2 views

golang: data race in certain net/http servers including ReverseProxy can lead to DoS

A flaw was found in Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...

CVSS 5.9, AI score 7.3, EPSS 0.02893
Exploits: 0, References: 5
CNNVD
added 2020/12/17 12:0 a.m., 9 views

Phoenix Contact PLCnext Control Devices Security Breach

Phoenix Contact PLCnext Control Devices is a programmable logic controller for industrial environments from Phoenix Contact, Germany. A security vulnerability exists in Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS, which can be exploited by an attacker to open a reverse shel...

CVSS 10, AI score 7.3, EPSS 0.00851
Exploits: 0, References: 2
Kitploit
added 2020/12/16 8:30 p.m., 45 views

Freki - Malware Analysis Platform

Freki is a free and open-source malware analysis platform. Goals 1. Facilitate malware analysis and reverse engineering; 2. Provide an easy-to-use REST API for different projects; 3. Easy deployment via Docker; 4. Allow the addition of new features by the community. Current features Hash...

AI score 7.4
Exploits: 0, References: 5
The Hacker News
added 2020/12/16 1:41 p.m., 35 views

What is Geocoding? — How to Find Coordinates of An Address

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet,...

AI score 6.5
Exploits: 0
The Hacker News
added 2020/12/16 1:41 p.m., 3 views

What is Geocoding? — How to Find Coordinates of An Address

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet,...

AI score 5.8
Exploits: 0
CNVD
added 2020/12/16 12:0 a.m., 2 views

IBM Tivoli Netcool Impact Reverse Tag Phishing Attack Vulnerability

IBM Tivoli Netcool Impact simplifies event and alert management, business service management, and incident and problem management by providing context-driven correlation, intelligence, and automation capabilities. IBM Tivoli Netcool Impact 7.1.0.0 - 7.1.0.19 Interim Fix 7 is vulnerable to a rever...

CVSS 6.1, AI score 6.8, EPSS 0.00805
Exploits: 0, References: 1
Kitploit
added 2020/12/15 8:30 p.m., 108 views

APKLab - Android Reverse Engineering WorkBench For VS Code

APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE. Features Decode all the resources from an APK Disassemble the APK to Dalvik bytecode aka Smali...

AI score 7.4
Exploits: 0, References: 11
NVD
added 2020/12/15 3:15 p.m., 12 views

CVE-2020-4849

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 190294...

CVSS 6.1, AI score 5.5, EPSS 0.00805
Exploits: 0, References: 2
OSV
added 2020/12/15 3:15 p.m., 3 views

CVE-2020-4849

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 190294...

CVSS 6.1, AI score 6.2, EPSS 0.00805
Exploits: 0, References: 2
Prion
added 2020/12/15 3:15 p.m., 13 views

Security feature bypass

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 190294...

CVSS 5.8, AI score 6.1, EPSS 0.00805
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2020/12/15 2:45 p.m., 19 views

CVE-2020-4849

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 190294...

CVSS 5.3, AI score 6.1, EPSS 0.00805
Exploits: 0, References: 2
IBM Security Bulletins
added 2020/12/15 4:45 a.m., 11 views

Security Bulletin: IBM Tivoli Netcool Impact is affected by a reverse tabnabbing vulnerability (CVE-2020-4849)

Summary IBM Tivoli Netcool Impact has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-4849 DESCRIPTION: IBM Tivoli Netcool Impact could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this...

CVSS 6.1, AI score 1.6, EPSS 0.00805
Exploits: 0, Affected Software: 1
Packet Storm
added 2020/12/15 12:0 a.m., 303 views

Gitlab 11.4.7 Remote Code Execution

Exploit Title: Gitlab 11.4.7 - Remote Code Execution Date: 14-12-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net, foxlox Vendor Homepage: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested On: Debian 10 +...

AI score 7.4
Exploits: 0
CNNVD
added 2020/12/15 12:0 a.m., 5 views

IBM Tivoli Netcool Impact Input Validation Error Vulnerability

IBM Tivoli Netcool Impact simplifies event and alert management, business service management, and incident and problem management by providing context-driven correlation, intelligence, and automation capabilities. IBM Tivoli Netcool Impact 7.1.0.0 - 7.1.0.19 Interim Fix 7 is vulnerable to a rever...

CVSS 6.1, AI score 6.1, EPSS 0.00805
Exploits: 0, References: 4
Packet Storm
added 2020/12/15 12:0 a.m., 304 views

Online Marriage Registration System 1.0 Remote Code Execution

Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-14-12 Exploit Author: Andrea Bruschi - www.andreabruschi.net Vendor Homepage: https://phpgurukul.com/ Software Link:...

AI score 0.7
Exploits: 0
NVD
added 2020/12/14 9:15 p.m., 10 views

CVE-2020-25234

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

CVSS 7.7, AI score 8, EPSS 0.00301
Exploits: 0, References: 1
Prion
added 2020/12/14 9:15 p.m., 21 views

Information disclosure

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

CVSS 3.6, AI score 7.9, EPSS 0.00301
Exploits: 0, References: 1, Affected Software: 1