321 matches found
Bosch Security Systems Multiple Products Stack-based Buffer Overflow (CVE-2021-23851)
A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload ...
Bosch Security Systems Multiple Products Stack-based Buffer Overflow (CVE-2021-23850)
A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload...
quotalo.it Improper Access Control vulnerability OBB-3843974
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-20987
...
CVE-2024-20973
...
HTTP Request Smuggling
squid is vulnerable to HTTP Request Smuggling. The vulnerability is caused by lenient handling of chunked decoding, which could enable a remote attacker to conduct Request/Response smuggling beyond firewall and frontend security systems...
RHEL 8 : squid:4 (RHSA-2023:6804)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6804 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Deni...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
RHEL 9 : squid (RHSA-2023:6266)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6266 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:...
CISA and NSA Release New Guidance on Identity and Access Management
Today, CISA and the National Security Agency NSA published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework ESF, a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address risks that...
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats
Today, the National Security Agency NSA, the Federal Bureau of Investigation FBI, and the Cybersecurity and Infrastructure Security Agency CISA released a Cybersecurity Information Sheet CSI, Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats,...
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing
Researchers have issued a warning about an emerging and advanced form of voice phishing vishing known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from...
Paradox Security Systems IPR512 - Denial Of Service Exploit
!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...
Paradox Security Systems IPR512 Denial Of Service
!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...
Paradox Security Systems IPR512 - Denial Of Service
!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...
CVE-2023-24709
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...
Design/Logic Flaw
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...
CVE-2023-24709
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...
CVE-2023-24709
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...