7082 matches found
CVE-2020-25613
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...
squid: Buffer overflow in reverse-proxy configurations
A flaw was found in squid. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...
Important: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 7 : squid (RHSA-2020:4082)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4082 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: HTTP...
Mida eFramework 2.8.9 Remote Code Execution
Exploit Title: Mida eFramework 2.8.9 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
EulerOS 2.0 SP3 : squid (EulerOS-SA-2020-2127)
According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling o...
Mida eFramework 2.8.9 - Remote Code Execution
Exploit Title: Mida eFramework 2.8.9 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
PYSEC-2020-310
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
PYSEC-2020-118
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
PYSEC-2020-275
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
GHSA-63XM-RX5P-XVQR Heap buffer overflow in Tensorflow
Impact The implementation of SparseFillEmptyRowsGrad uses a double indexing pattern: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/kernels/sparsefillemptyrowsop.ccL263-L269 It is possible for reverseindexmapi to be an index outside of bound...
CVE-2020-11805
Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN...
CVE-2020-11805
Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN...
Design/Logic Flaw
Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN...
CVE-2020-11805
Technical details of CVE-2020-11805 are not publicly provided in the connected documents. Monitor for updates from vendors and security advisories.
CVE-2020-11805
Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN...
PT-2020-14265 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 1.15.4 Tensorflow versions prior to 2.0.3 Tensorflow versions prior to 2.1.2 Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The SparseFillEmptyRowsGrad implementation has...
LY Corporation: Path traversal in a Tomcat server
A path traversal vulnerability was discovered in a Tomcat server, which allowed an attacker to access internal resources such as the administrator page. The vulnerability was caused by a misconfiguration between the reverse proxy and the WAS, and occurred when the attacker entered the string "..;...
Frp - A Fast Reverse Proxy To Help You Expose A Local Server Behind A NAT Or Firewall To The Internet
A Fast Reverse Proxy To Help You Expose A Local Server Behind A NAT Or Firewall To The Internet. Development Status frp is under development. Try the latest release version in the master branch, or use the dev branch for the version in development. The protocol might change at a release and we...
IBM Maximo Asset Management Reverse Label Hijacking Vulnerability
IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for these assets. A reverse tag...