Lucene search
+L

321 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.25 views

Bosch Security Systems Multiple Products Stack-based Buffer Overflow (CVE-2021-23851)

A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload ...

7.2CVSS7.8AI score0.01466EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.19 views

Bosch Security Systems Multiple Products Stack-based Buffer Overflow (CVE-2021-23850)

A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload...

7.2CVSS7.8AI score0.01466EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2024/01/26 10:26 p.m.10 views

quotalo.it Improper Access Control vulnerability OBB-3843974

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/16 9:41 p.m.5 views

CVE-2024-20987

...

5.4CVSS5.5AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/16 9:41 p.m.1 views

CVE-2024-20973

...

6.5CVSS6.9AI score0.01057EPSS
Exploits0References2
Veracode
Veracode
added 2023/11/12 6:41 p.m.28 views

HTTP Request Smuggling

squid is vulnerable to HTTP Request Smuggling. The vulnerability is caused by lenient handling of chunked decoding, which could enable a remote attacker to conduct Request/Response smuggling beyond firewall and frontend security systems...

9.3CVSS7.2AI score0.05298EPSS
Exploits0References17Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/08 12:0 a.m.28 views

RHEL 8 : squid:4 (RHSA-2023:6804)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6804 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Deni...

9.3CVSS7.1AI score0.85944EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2023/11/03 7:33 a.m.34 views

CVE-2023-46846

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS7.5AI score0.05298EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/11/03 7:33 a.m.56 views

CVE-2023-46846

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS7.4AI score0.05298EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.38 views

RHEL 9 : squid (RHSA-2023:6266)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6266 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:...

9.3CVSS7AI score0.85944EPSS
Exploits0References9
CISA
CISA
added 2023/10/04 12:0 p.m.8 views

CISA and NSA Release New Guidance on Identity and Access Management

Today, CISA and the National Security Agency NSA published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework ESF, a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address risks that...

7.4AI score
Exploits0References2
CISA
CISA
added 2023/09/12 12:0 p.m.6 views

NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats

Today, the National Security Agency NSA, the Federal Bureau of Investigation FBI, and the Cybersecurity and Infrastructure Security Agency CISA released a Cybersecurity Information Sheet CSI, Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats,...

7AI score
Exploits0References2
The Hacker News
The Hacker News
added 2023/07/07 6:12 p.m.37 views

Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing

Researchers have issued a warning about an emerging and advanced form of voice phishing vishing known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from...

6.7AI score
Exploits0
0day.today
0day.today
added 2023/04/10 12:0 a.m.261 views

Paradox Security Systems IPR512 - Denial Of Service Exploit

!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...

7.5CVSS7.6AI score0.44171EPSS
Exploits9
Packet Storm
Packet Storm
added 2023/04/10 12:0 a.m.249 views

Paradox Security Systems IPR512 Denial Of Service

!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...

7.5CVSS7.6AI score0.44171EPSS
Exploits9
Exploit DB
Exploit DB
added 2023/04/10 12:0 a.m.248 views

Paradox Security Systems IPR512 - Denial Of Service

!/bin/bash Exploit Title: Paradox Security Systems IPR512 - Denial Of Service Google Dork: intitle:"ipr512 - login screen" Date: 09-APR-2023 Exploit Author: Giorgi Dograshvili Vendor Homepage: Paradox - Headquarters https://www.paradox.com/Products/default.asp?PID=423 Version: IPR512 CVE :...

7.5CVSS7.6AI score0.44171EPSS
Exploits9
NVD
NVD
added 2023/03/21 11:15 p.m.9 views

CVE-2023-24709

An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...

7.5CVSS7.3AI score0.44171EPSS
Exploits9References3
Prion
Prion
added 2023/03/21 11:15 p.m.14 views

Design/Logic Flaw

An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...

5CVSS7.3AI score0.44171EPSS
Exploits9References3
Vulnrichment
Vulnrichment
added 2023/03/21 12:0 a.m.8 views

CVE-2023-24709

An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...

7.3AI score0.44171EPSS
Exploits9References3
Cvelist
Cvelist
added 2023/03/21 12:0 a.m.43 views

CVE-2023-24709

An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...

7.5AI score0.44171EPSS
Exploits9References3
Rows per page
Query Builder