
7082 matches found

Tenable Nessus
added 2020/05/01 12:0 a.m. | 67 views

Debian DLA-2196-2 : pound regression update

A regression has been found in the patch for CVE-2016-10711 of pound, a reverse proxy, load balancer and HTTPS front-end for Web servers. Without the fix pound can be tricked to use 100% CPU. For Debian 8 'Jessie', this problem has been fixed in version 2.6-6+deb8u3. We recommend that you upgrade...

CVSS 9.8 | AI score 7.9 | EPSS 0.02893
Exploits: 0 | References: 3
OpenVAS
added 2020/05/01 12:0 a.m. | 23 views

Debian: Security Advisory (DLA-2196-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.5 | EPSS 0.02893
Exploits: 0 | References: 3
The Coalfire Blog
added 2020/04/30 11:27 p.m. | 16 views

Part two: Reverse engineering and patching with Ghidra

In the first installment of our three-part blog series we learned how to root the Flashforge Finder 3D printer and acquire its firmware. In this post, we will delve into reverse engineering and patching the software using the new open source NSA tool Ghidra, which rivals its expensive competitors...

AI score 7
Exploits: 0
Debian
added 2020/04/30 3:26 p.m. | 60 views

[SECURITY] [DLA 2196-1] pound security update

Package: pound. Version: 2.6-6+deb8u2. CVE ID: CVE-2016-10711. An issue has been found in pound. A request smuggling vulnerability was discovered in pound, a reverse proxy, load balancer and HTTPS front-end for Web servers, that may allow attackers to send a specially crafted HTTP request to a web...

CVSS 9.8 | AI score 9.2 | EPSS 0.02893
Exploits: 0
Kitploit
added 2020/04/28 12:30 p.m. | 67 views

wxHexEditor - Hex Editor / Disk Editor for Huge Files or Devices on Linux, Windows and MacOSX

wxHexEditor is another Free Hex Editor, built because there is no good hex editor for Linux systems, especially for big files. Low Level Data Recovery with wxHexEditor: wxHexEditor is not an ordinary hex editor, but could work as a low level disk editor too. If you have problems with your HDD or...

AI score 7.1
Exploits: 0 | References: 1
Fedora
added 2020/04/28 2:56 a.m. | 41 views

[SECURITY] Fedora 31 Update: haproxy-2.0.14-1.fc31

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

CVSS 8.8 | AI score 0.8 | EPSS 0.60727
Exploits: 0
Kitploit
added 2020/04/26 10:0 p.m. | 160 views

Print-My-Shell - Tool To Automate The Process Of Generating Various Reverse Shells

"Print My Shell" is a Python script, written to automate the process of generating various reverse shells based on PayloadsAllTheThings and Pentestmonkey reverse shell cheat sheets. Using this script you can easily generate various types of reverse shells without leaving your command line. This...

AI score 7.3
Exploits: 0 | References: 3
RedhatCVE
added 2020/04/24 8:33 a.m. | 52 views

CVE-2019-12520

A flaw was found in squid. The absolute URL of a request can include the decoded UserInfo username and password for certain protocols. This decoded info may contain special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a...

CVSS 5 | AI score 1.8 | EPSS 0.03935
Exploits: 0 | References: 4
Securelist
added 2020/04/22 10:0 a.m. | 39 views

What does it take to become a good reverse engineer?

How much money and effort does it take to become a good reverse engineer? Do you even need to be one? There are no universally acceptable answers to these questions. Software reverse engineering (RE) is not a science but a skillset combined with specific knowledge and backed by a lot of experience...

AI score 1
Exploits: 0
GithubExploit
added 2020/04/22 9:10 a.m. | 117 views

Exploit for CVE-2020-0883

CVE-2020-0883 Working Exploit PoC CVE-202...

CVSS 9.3 | AI score 8.8 | EPSS 0.21983
Exploits: 1
GithubExploit
added 2020/04/22 9:10 a.m. | 174 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Working Exploit PoC CVE-202...

CVSS 10 | AI score 9.1 | EPSS 0.9981
Exploits: 125
GithubExploit
added 2020/04/22 9:9 a.m. | 77 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Working Exploit PoC CVE-202...

CVSS 10 | AI score 9.1 | EPSS 0.9981
Exploits: 125
GithubExploit
added 2020/04/22 7:28 a.m. | 28 views

Exploit for Improper Authentication in Microsoft

CVE-2020-0688 Working Exploit PoC CVE-202...

CVSS 9 | AI score 8.8 | EPSS 0.99965
Exploits: 30
RedHat Linux
added 2020/04/21 11:7 a.m. | 5 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

CVSS 5.8 | AI score 6.8 | EPSS 0.09386
Exploits: 0 | References: 7
RedHat Linux
added 2020/04/21 11:7 a.m. | 1 views

tomcat: Regression in handling of Transfer-Encoding header allows for HTTP request smuggling

The refactoring in 9.0.28 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid...

CVSS 5.8 | AI score 7.3 | EPSS 0.08872
Exploits: 0 | References: 7
RedHat Linux
added 2020/04/21 10:55 a.m. | 3 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

CVSS 5.8 | AI score 6.8 | EPSS 0.09386
Exploits: 0 | References: 7
RedHat Linux
added 2020/04/21 10:55 a.m. | 4 views

tomcat: Regression in handling of Transfer-Encoding header allows for HTTP request smuggling

The refactoring in 9.0.28 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid...

CVSS 5.8 | AI score 7.3 | EPSS 0.08872
Exploits: 0 | References: 7
CNVD
added 2020/04/21 12:0 a.m. | 8 views

Unspecified vulnerability in Zulip server (CNVD-2021-28745)

Zulip server is an open source team chat application from the American company Zulip. A security vulnerability exists in Zulip Server versions prior to 2.1.3. An attacker can exploit the vulnerability to reverse tag via the dropdown feature...

CVSS 6.1 | AI score 6.7 | EPSS 0.00671
Exploits: 0 | References: 1
NVD
added 2020/04/20 8:15 p.m. | 17 views

CVE-2020-9444

Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality...

CVSS 6.1 | AI score 6.3 | EPSS 0.00671
Exploits: 0 | References: 1
OSV
added 2020/04/20 8:15 p.m. | 11 views

CVE-2020-9444

Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality...

CVSS 6.1 | AI score 6.9
Exploits: 0 | References: 1