12 matches found
Incorrect Authorization
Overview: pyload-ng is the free and open-source download manager written in pure Python. Affected versions of this package are vulnerable to Incorrect Authorization in the configuration for SSL certificate and key file paths due to incorrect option name checks. An attacker can gain unauthorized...
Fortinet Fortigate FGFM protocol allows unauthenticated reset of the connection (FG-IR-24-041)
The version of Fortigate installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-041 advisory. - An improper check or handling of exceptional conditions vulnerability (CWE-703) in FortiOS version 7.4.0 through 7.4.3 and...
EUVD-1999-1518
Malware in sbrugna...
Security Bulletin: IBM TRIRIGA Application Platform is vulnerable to multiple vulnerabilities [CVE-2016-0003], [CVE-2016-1000031] and [CVE-2016-0248]
Summary: IBM TRIRIGA Application Platform updated the Apache Commons open source to the latest version to fix the vulnerabilities in CVE-2016-0003, CVE-2016-1000031 and CVE-2016-0248. Vulnerability Details: CVEID: CVE-2016-0003 DESCRIPTION: Microsoft Edge could allow a remote attacker to execute arbitra...
CVE-2019-3821
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of service...
Security Bulletin: Query Parameter in SSL Request vulnerability affects IBM Security Guardium (CVE-2016-0248)
Summary: IBM Security Guardium transmits query parameters in SSL requests, which could be intercepted by a remote attacker using man-in-the-middle techniques. Vulnerability Details: CVEID: CVE-2016-0248 DESCRIPTION: IBM Security Guardium transmits query parameters in SSL requests, that could be...
Uniscan 5.2 is released - vulnerability scanner
Uniscan 5.2 is released - vulnerability scanner. Uniscan is an open-source vulnerability scanner for Web applications. Uniscan 2.0 is a Perl vulnerability scanner for RFI, LFI, RCE, XSS and SQL injection. Features: Identification of system pages through a Web Crawler. Use of threads in the crawler...
Uniscan 5.2 is released - vulnerability scanner
Uniscan 5.2 is released - vulnerability scanner. Uniscan is an open-source vulnerability scanner for Web applications. Uniscan 2.0 is a Perl vulnerability scanner for RFI, LFI, RCE, XSS and SQL injection. Features: Identification of system pages through a Web Crawler. Use of threads in the crawler...
Web Servers SSL Flooding Denial of Service (CVE-2011-3389)
The vulnerability is due to the server's inability to handle multiple incoming SSL requests within a short period of time. Remote attackers may exploit this issue by rapidly sending a large number of SSL requests to the server. The attack may be initiated from one or more sources (DDoS). Successful...
Uniscan 4.0 vulnerability scanner Released
Uniscan 4.0 vulnerability scanner released. The Uniscan vulnerability scanner is aimed at information security, which aims at finding vulnerabilities in Web systems, and is licensed under the GNU General Public License 3.0 (GPL 3). Uniscan was developed using the Perl programming language to be...
CVE-1999-1537
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the...
CVE-1999-1537
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the...