29 matches found
PT-2024-34162 · Unknown · Icg.Aspnetcore.Utilities.Cloudstorage
Name of the Vulnerable Software and Affected Versions: ICG.AspNetCore.Utilities.CloudStorage versions prior to 8.0.0 Description: The issue affects users of the ICG.AspNetCore.Utilities.CloudStorage library who set a duration for a SAS Uri with a value other than 1 hour, potentially resulting in ...
PT-2024-33662 · Snowflake · Snowflake Connector For Python
Name of the Vulnerable Software and Affected Versions: Snowflake Connector for Python versions prior to 3.12.3 Description: The issue concerns the logging of sensitive information by the Snowflake Connector for Python. When the logging level is set to DEBUG, the Connector may log Duo passcodes,...
CobaltBus - Cobalt Strike External C2 Integration With Azure Servicebus, C2 Traffic Via Azure Servicebus
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus Setup 1. Create an Azure Service Bus 2. Create a Shared access policy Connection string that can only Send and Listen 3. Edit the static connectionString variable in Beacon C projects to match the "Primar...
Logitech: Sensitive information disclosure to shared access user via streamlabs platform api
Summary: Hi there, Hope you are doing well and stay safe. Streamlab allows us to invite other users to manage our dashboard and cloudbot functions via following setting which named "Shared Access". https://streamlabs.com/dashboard/settings/shared-access If we invite other users with Moderator rol...
Microsoft Azure Sphere Information Disclosure Vulnerability
Azure Sphere is a secure, advanced application platform with built-in communications and security features for connected devices. An information disclosure vulnerability exists in Microsoft Azure Sphere versions prior to 20.07. An attacker could exploit the vulnerability to obtain resource IDs, S...
CVE-2019-19316
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
PT-2019-15807 · Hashicorp +1 · Terraform +1
Name of the Vulnerable Software and Affected Versions: Terraform versions prior to 0.12.17 Description: The issue concerns the transmission of sensitive data in cleartext HTTP when using the Azure backend with a shared access signature SAS in Terraform. This affects the...
CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
About telecommunications the prohibition of routing Internet best crack method-vulnerability warning-the black bar safety net
ADSL share Internet access, there are two ways, one is proxy, one is the Address Translation(NAT),we often say that the routing is actually NAT mode, in fact the Routing and NAT principles there are still differences, there will not be discussed, now the ADSL cats generally have the NAT function,...