11967 matches found
OSV-2019-1 ASSERT: bufferRemainingSize() >= length.
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18431 Crash type: ASSERT Crash state: bufferRemainingSize = length. Envoy::Http::Http1::ConnectionImpl::copyToBuffer Envoy::Http::Http1::RequestStreamEncoderImpl::encodeHeaders...
SaltStack < 3002.5 Multiple Vulnerabilities
According to its self-reported version number, the instance of SaltStack hosted on the remote server is affected by multiple vulnerabilities: - The Salt-API's SSH client is vulnerable to a shell injection by including ProxyCommand in an argument, or via sshoptions provided in an API request...
Authentication: Lessons Learned From Microsoft Exchange And F5 Big-IP Hacks
The past month has been a very dynamic time in the world of security for hackers and threat researchers, but it has been an extended nightmare for CSOs responsible for securing their enterprise networks...
GHSA-F38P-C2GQ-4PMR Regular Expression Denial-of-Service in npm schema-inspector
Impact What kind of vulnerability is it? Who is impacted? Email address validation is vulnerable to a denial-of-service attack where some input for example a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. will freeze the program or web browser page...
CVE-2020-15756
...
CVE-2020-15737
...
GHSA-XMH9-RG6F-J3MR Verification flaw in Solid identity-token-verifier
Impact Severity Any Pod on a Solid server using a vulnerable version of the identity-token-verifier library is at risk of a spoofed Demonstration of Proof-of-Possession DPoP token binding. This vulnerability could give total and complete access to a targeted Pod. Summary A verification flaw in th...
CVE-2020-29238
creationtimestamp | type | source
---|---|---
2021-03-10 07:52:14+00:00 | seen | https://t.me/cibsecurity/24669
2021-09-21 06:42:48+00:00 | published-proof-of-concept | https://t.me/pwnwikizhchannel/168
2024-11-14 06:09:50+00:00 | seen | MISP/c8d078cb-4f20-4e28-ba79-22d6ac6a34a8...
[SECURITY] Fedora 33 Update: kernel-5.10.20-200.fc33
The kernel meta package...
Textpattern 4.8.3 - Remote code execution (Authenticated) (2)
Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0 Install dependencie...
Textpattern 4.8.3 - Remote code execution (Authenticated) (2)
Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Date: 03/03/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0...
RHEL 7 : OpenShift Container Platform 3.11.394 (RHSA-2021:0637)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0637 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
CVE-2016-8139
...
Mail.ru: Reflected XSS on https://deti.mail.ru
Reflected XSS on deti.mail.ru via request header Referer...
Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure
Low-level users, such as subscribers, were able to trigger the action, wpajaxnfoauth, and retrieve the connection url needed to establish a connection. They could also retrieve the clientid for an already established OAuth connection. PoC Usage: php poc.php subscriber password $wpuser, 'pwd' =...
CVE-2020-3823
...
curl: CVE-2021-22876: Automatic referer leaks credentials
Summary: When using the --referer ';auto' feature the current URL is copied as-is to the referrer header of the subsequent request. The recommendation 1 is to strip these along with the URL fragment. I can imagine this may, in rare cases, result in unwanted/unexpected disclosure of credentials e....
CVE-2021-22881
CVE-2021-22881 concerns the Host Authorization middleware in Rails Action Pack, where specially crafted Host headers in combination with certain allowed-host formats (notably leading dots) can trigger an open redirect. Multiple connected sources confirm this is an Action Pack issue affecting Rail...
Node.JS Remote Code Execution
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 2 Exploit Author: UndeadLarva Software Link: https://www.npmjs.com/package/node-serialize Version: 0.0.4 CVE: CVE-2017-5941 import requests import re import base64 import sys url = 'http://192.168.100.133:8000/' change this payload =...
ASB-A-172349003
Bulletin has no description...