CVE-2019-10046

An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information...

Information disclosure

An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information...

CVE-2019-10046

CVE-2019-10046 affects Pydio 8.2.2 and is an information-disclosure vulnerability where an unauthenticated attacker can obtain details about the application configuration (e.g., session timeout, libraries, license information). Public sources (NVD, RH Red Hat advisory, OpenVAS entry) describe it ...

CVE-2019-10046

An unauthenticated attacker can obtain information about the Pydio 8.2.2 configuration including session timeout, libraries, and license information...

Password Cracker: Databases

This module uses John the Ripper or Hashcat to identify weak passwords that have been acquired from the mssqlhashdump, mysqlhashdump, postgreshashdump, or oraclehashdump modules. Passwords that have been successfully cracked are then saved as proper credentials. Due to the complexity of some of t...

CVE-2019-5626 BlueCats Reveal Android App Insecure Storage

The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in a clear text file. This file persists until the user logs out or the session times out from non-usage 30 days of no user activity. This can allow an attacker to compromise the affected BlueCats networ...

MiniUPnP MiniUPnPd code issue vulnerability (CNVD-2019-14713)

MiniSSDPd is a daemon for managing SSDPs on Posix systems. MiniUPnP A code issue vulnerability exists in the GetOutboundPinholeTimeout of the upnpsoap.c file used for remport in MiniUPnP MiniUPnPd 2.1 and earlier versions. The vulnerability stems from an improperly designed or implemented code...

Denial Of Service (DoS)

Apache HTTPD is vulnerable to denial of serviceDoS attacks. A remote user could send specially crafted and continuous SETTINGS data for an ongoing HTTP/2 connection to cause the target service to fail to timeout...

DEBIAN-CVE-2019-12109

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for remport...

UBUNTU-CVE-2019-12108

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for intport...

DEBIAN-CVE-2019-12108

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for intport...

UBUNTU-CVE-2019-12109

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for remport...

dotnet: timeouts for regular expressions are not enforced

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981...

MiniUPnP MiniUPnPd code issue vulnerability (CNVD-2019-14712)

MiniSSDPd is a daemon for managing SSDPs on Posix systems. MiniUPnP A code issue vulnerability exists in the GetOutboundPinholeTimeout of the upnpsoap.c file used for intport in MiniUPnP MiniUPnPd 2.1 and earlier versions. The vulnerability stems from an improperly designed or implemented code...

PT-2019-16881 · Ibm · Ibm Tivoli Storage Productivity Center

Name of the Vulnerable Software and Affected Versions: IBM Tivoli Storage Productivity Center versions 5.2.1 through 5.2.17 Description: The issue allows users to remain idle within the application even after logging out, and by utilizing the application's back button, users can remain logged in...

Denial Of Service (DoS)

HTTPS NIO Connector is vulnerable to Denial Of Service DoS attacks. The component Socket Handler's functionality is affected by opening a socket and not sending an SSL handshake which results in a read-timeout vulnerability...

Denial Of Service (DoS)

httpd is vulnerable to denial of service. It was discovered that modproxyajp, when used in configurations with modproxy in load balancer mode, would mark a back-end server as failed when request processing timed out, even when a previous AJP Apache JServ Protocol CPing request was responded to by...

The vulnerability of the mod_session module in the Apache HTTP Server, related to the lack of consideration for the lifetime of a session, allows attackers to compromise the integrity of protected data.

The vulnerability of the modsession module in the Apache HTTP Server is related to the lack of time-out checking before session data is decoded. Exploiting this vulnerability allows an attacker to compromise the integrity of protected data...

CVE-2019-3883

In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during...

DEBIAN-CVE-2019-3883

In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during...