881 matches found
GHSA-XGP2-CC4R-7VF6 Denial of Service in http-live-simulator
Versions of http-live-simulator prior to 1.0.8 are vulnerable to Denial of Service. The package fails to catch an exception that causes the Node process to crash, effectively shutting down the server. This allows an attacker to send an HTTP request that crashes the server. Recommendation Upgrade ...
Denial of Service in http-live-simulator
Versions of http-live-simulator prior to 1.0.8 are vulnerable to Denial of Service. The package fails to catch an exception that causes the Node process to crash, effectively shutting down the server. This allows an attacker to send an HTTP request that crashes the server. Recommendation Upgrade ...
Security Bulletin: Multiple vulnerabilities in AngularJS and jQuery affect IBM Spectrum LSF Simulator
Summary There are multiple vulnerabilities in AngularJS and jQuery used by IBM Spectrum LSF Simulator. IBM Spectrum LSF Simulator has addressed the applicable CVEs. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affecte...
frames-simulator (>=1.0.8 <=1.0.9) potentially affected by CVE-2016-10649 via frames-compiler (=1.0.8)
frames-compiler NPM version =1.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on frames-compiler and may be impacted: - frames-simulator =1.0.8, =1.0.9 Source cves: CVE-2016-10649 Source advisory: OSV:GHSA-9CHW-XRWX-F86J...
Validation Bypass in paypal-ipn
Versions 2.x.x and earlier of paypal-ipn are affected by a validation bypass vulnerability. paypal-ipn uses the testipn parameter which is set by the PayPal IPN simulator to determine if it should use the production PayPal site or the sandbox. A motivated attacker could craft a request string usi...
BSF - Botnet Simulation Framework
BSF provides a discrete simulation environment to implement and extend peer-to-peer botnets, tweak their settings and allow defenders to evaluate monitoring and countermeasures. Synopsis In the arms race between botmasters and defenders, the botmasters have the upper hand, as defenders have to...
SAP Solution Manager Authorization Issues Vulnerability (CNVD-2020-25979)
SAP Solution Manager is a system management platform from the German company SAP that combines system monitoring, SAP support desktop, self-service, ASAP implementation and other functions. The platform can help customers establish SAP solution lifecycle management, and provide system...
CVE-2020-6235
SAP Solution Manager Diagnostics Agent, version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication...
Authentication flaw
SAP Solution Manager Diagnostics Agent, version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication...
RSAC 2020: Ransomware a 'National Crisis,' CISA Says, Ramps ICS Focus
Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this year – especially as ransomware looms as a main threat to the sector going forward. That’s according to Christopher...
Deal: Cloud And Networking Certification Training ~ Get 97% OFF
Cloud computing and networking are two of the most significant areas of growth in the IT business. Companies need engineers who can maintain distributed software and keep the company connected. If you want to work in either niche, the Essential Cloud & Networking Certification Training Bundle...
ABB PB610 Panel Builder 600 PB610 HMISimulator Unauthorized Access Vulnerability
ABB PB610 Panel Builder 600 is software from ABB Switzerland for designing graphical user interfaces for the CP600 control panel platform. PB610 HMISimulator is one of the PB610 emulator components. A security vulnerability exists in the path configuration of PB610 HMISimulator 2.8.0.424 and...
Denial Of Service (DoS)
http-live-simulator is vulnerable to denial of service. A remote attacker is able to crash the server by requesting the URL http://localhost:8080/../?a. The vulnerability exists due to a previous fix to prevent directory traversal, which causes the pathname to become an empty string and results i...
Denial of Service
Overview Versions of http-live-simulator prior to 1.0.8 are vulnerable to Denial of Service. The package fails to catch an exception that causes the Node process to crash, effectively shutting down the server. This allows an attacker to send an HTTP request that crashes the server. Recommendation...
CVE-2019-15108
An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component...
Design/Logic Flaw
An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component...
PT-2019-13988 · Wso2 · Wso2 Api Manager
Name of the Vulnerable Software and Affected Versions: WSO2 API Manager versions 2.6.0 through the version before WSO2-CARBON-PATCH-4.4.0-4457 Description: The issue is related to a crafted filename that can cause XSS via the file-upload feature of the event simulator component. Recommendations:...
The Fully Remote Attack Surface of the iPhone
Posted by Natalie Silvanovich, Project Zero While there have been several rumours and reports of fully remote vulnerabilities affecting the iPhone being used by attackers in the last couple of years, limited information is available about the technical details of these vulnerabilities, as well as...