
7082 matches found

NVD
added 2020/02/04 8:15 p.m. | 18 views

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

CVSS 7.5 | AI score 7.8 | EPSS 0.7179
Exploits 0 | References 15

OSV
added 2020/02/04 8:15 p.m. | 1 view

UBUNTU-CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

CVSS 7.3 | AI score 7 | EPSS 0.7179
Exploits 0 | References 4

Prion
added 2020/02/04 8:15 p.m. | 34 views

Buffer overflow

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

CVSS 7.5 | AI score 7.7 | EPSS 0.7179
Exploits 0 | References 15 | Affected Software 5

CVE
added 2020/02/04 7:51 p.m. | 823 views

CVE-2020-8450

CVE-2020-8450 affects Squid prior to 4.10, caused by incorrect buffer management in reverse-proxy mode, allowing a remote client to trigger a buffer overflow. Connected advisories confirm a fix was released (e.g., updates to Squid 4.11+/4.10-era patches) across multiple distributions (CloudLinux,...

CVSS 7.5 | AI score 7.5 | EPSS 0.7179
Exploits 0 | References 15 | Affected Software 1

Cvelist
added 2020/02/04 7:51 p.m. | 23 views

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

AI score 7.5 | EPSS 0.7179
Exploits 0 | References 15

AlpineLinux
added 2020/02/04 7:51 p.m. | 33 views

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

CVSS 7.5 | AI score 7.8 | EPSS 0.7179
Exploits 0

Debian CVE
added 2020/02/04 7:51 p.m. | 29 views

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

CVSS 7.5 | AI score 6.7 | EPSS 0.7179
Exploits 0

Github Security Blog
added 2020/02/04 3:07 a.m. | 73 views

Catastrophic backtracking in regex allows Denial of Service in Waitress

Impact: When waitress receives a header that contains invalid characters it will cause the regular expression engine to catastrophically backtrack, causing the process to use 100% CPU time and blocking any other interactions. This would allow an attacker to send a single request with an invalid...

CVSS 6.8 | AI score 1.1 | EPSS 0.0262
Exploits 0 | References 5 | Affected Software 1

0day.today
added 2020/02/04 12:00 a.m. | 445 views

RDP DOUBLEPULSAR Remote Code Execution Exploit

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for RDP. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This module requires Metasploit:...

AI score 7.8
Exploits 0

Packet Storm
added 2020/02/04 12:00 a.m. | 188 views

RDP DOUBLEPULSAR Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RDP DOUBLEPULSAR Remote Code Execution', 'Description' = %q This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR...

AI score 0.2
Exploits 0

Packet Storm
added 2020/02/04 12:00 a.m. | 737 views

SMB DOUBLEPULSAR Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB DOUBLEPULSAR Remote Code Execution', 'Description' = %q This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR...

CVSS 9.3 | AI score 0.4 | EPSS 0.99693
Exploits 93

OSV
added 2020/02/03 5:15 p.m. | 4 views

CVE-2020-5182

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" or similar attributes such as noreferrer, the tabnabbing may occur. To reproduce the bug,...

CVSS 6.5 | AI score 6.6 | EPSS 0.01047
Exploits 0 | References 1

NVD
added 2020/02/03 5:15 p.m. | 13 views

CVE-2020-5182

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" or similar attributes such as noreferrer, the tabnabbing may occur. To reproduce the bug,...

CVSS 6.5 | AI score 6.5 | EPSS 0.01047
Exploits 0 | References 1

Prion
added 2020/02/03 5:15 p.m. | 11 views

Design/Logic Flaw

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" or similar attributes such as noreferrer, the tabnabbing may occur. To reproduce the bug,...

CVSS 4.3 | AI score 6.4 | EPSS 0.01047
Exploits 0 | References 1 | Affected Software 1

Metasploit
added 2020/02/03 5:02 p.m. | 28 views

Anviz CrossChex Buffer Overflow

Waits for broadcasts from Anviz CrossChex looking for new devices, and returns a custom broadcast, triggering a stack buffer overflow. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Anviz...

CVSS 9.8 | AI score 10 | EPSS 0.50738
Exploits 5

Cvelist
added 2020/02/03 4:52 p.m. | 22 views

CVE-2020-5182

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" or similar attributes such as noreferrer, the tabnabbing may occur. To reproduce the bug,...

AI score 6.5 | EPSS 0.01047
Exploits 0 | References 1

CVE
added 2020/02/03 4:52 p.m. | 56 views

CVE-2020-5182

The CVE-2020-5182 vulnerability affects the J-BusinessDirectory extension for Joomla! versions before 5.2.9. It enables Reverse Tabnabbing when a link to a business website is entered without rel="noopener" (or equivalent like noreferrer); a crafted link can exploit window.opener to redirect the ...

CVSS 6.5 | AI score 6.4 | EPSS 0.01047
Exploits 0 | References 1 | Affected Software 1

0day.today
added 2020/02/03 12:00 a.m. | 199 views

Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Exploit

Exploit for hardware platform in category web applications Exploit Title: Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Date: 2018-08-01 Exploit Author: Cosmin Craciun Vendor Homepage: https://www.se.com Version: = 1.3.4 Tested on: Delivered Virtual Appliance running...

CVSS 6.5 | AI score 0.1 | EPSS 0.31802
Exploits 4

FreeBSD
added 2020/02/01 12:00 a.m. | 16 views

InspIRCd websocket module double free vulnerability

The InspIRCd development team reports: The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is GKZ-lined to remotely crash an InspIRCd server...

AI score 1.7
Exploits 0 | References 1

FireEye
added 2020/01/31 12:00 a.m. | 48 views

Abusing DLL Misconfigurations — Using Threat Intelligence to Weaponize R&D

DLL Abuse Techniques Overview: Dynamic-link library (DLL) side-loading occurs when Windows Side-by-Side (WinSxS) manifests are not explicit about the characteristics of DLLs being loaded by a program. In layman’s terms, DLL side-loading can allow an attacker to trick a program into loading a malicious...

Exploits 0 | References 26