Lucene search
K

98 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2021/05/20 12:0 a.m.71 views

Security update for exim (critical)

openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2021:0754-1 Rating: critical References: 1079832 1171490 1171877 1173693 1185631 Cross-References: CVE-2017-1000369 CVE-2017-16943 CVE-2017-16944 CVE-2018-6789 CVE-2019-16928 CVE-2020-12783 CVE-2020-28007 CVE-2020-280...

9.8CVSS7.4AI score0.82238EPSS
Exploits34References5
OSV
OSV
added 2021/03/01 10:15 p.m.14 views

CVE-2021-26704

EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI...

8.8CVSS7.9AI score
Exploits0References3
NVD
NVD
added 2021/03/01 10:15 p.m.18 views

CVE-2021-26704

EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI...

8.8CVSS0.03072EPSS
Exploits1References3
CVE
CVE
added 2021/03/01 9:2 p.m.42 views

CVE-2021-26704

CVE-2021-26704 affects EPrints 3.4.2. A remote command-injection vulnerability exists in the CGI toolbox verb parameter, allowing an attacker to execute arbitrary commands on the affected system. Exploitation details indicate remote access over the network with low complexity and no user interact...

8.8CVSS9AI score0.03072EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.5 views

EPrints 安全漏洞

EPrints is a free open source software package for building open access repositories compliant with the OAI-PMH protocol. A remote code execution vulnerability exists in EPrints 3.4.2. A remote attacker can exploit this vulnerability by entering specially crafted data into the verb parameter in t...

8.8CVSS6.8AI score0.03072EPSS
Exploits1References4
NVD
NVD
added 2020/12/16 2:15 a.m.34 views

CVE-2020-26273

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to osquery can cause reads and writes to arbitrary sqlite databases on disk. This does allow arbitrary...

5.2CVSS5.4AI score0.00944EPSS
Exploits1References4
CVE
CVE
added 2020/12/16 1:20 a.m.93 views

CVE-2020-26273

Summary: CVE-2020-26273 affects osquery prior to 4.6.0. By abusing sqlite’s ATTACH verb, an administrator can read/write to arbitrary sqlite databases on disk, potentially creating new sqlite files. Existing non-sqlite files are not overwritten according to the sources. The vulnerability is mitig...

5.2CVSS5.4AI score0.00944EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/10/12 1:15 p.m.3 views

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

8.1CVSS7.3AI score0.01114EPSS
Exploits0References2
NVD
NVD
added 2020/10/12 1:15 p.m.28 views

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

8.1CVSS0.01114EPSS
Exploits0References2
Prion
Prion
added 2020/10/12 1:15 p.m.22 views

Security feature bypass

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

5.5CVSS7.7AI score0.01114EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/10/12 1:5 p.m.24 views

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

8.1CVSS7.8AI score0.01114EPSS
Exploits0References2
CVE
CVE
added 2020/10/12 1:5 p.m.43 views

CVE-2020-4779

A HTTP Verb Tampering vulnerability (CVE-2020-4779) affects IBM Cúram Social Program Management 7.0.9 and 7.0.10, enabling an attacker to bypass security access controls by sending specially crafted requests. Root cause details are not fully enumerated in the provided documents, but the IBM advis...

8.1CVSS7.8AI score0.01114EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/08 5:36 p.m.20 views

Security Bulletin: A HTTP Verb Tampering vulnerability may impact IBM Cúram Social Program Management (CVE-2020-4779)

Summary A HTTP Verb Tampering vulnerability may impact IBM Cúram Social Program Management. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. Vulnerability Details CVEID: CVE-2020-4779 DESCRIPTION: A HTTP Verb Tampering...

8.1CVSS1.5AI score0.01114EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2019/11/20 9:23 p.m.77 views

Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests

This Burp Suite extension allows you to customize header with put a new header into HTTP REQUEST BurpSuite Scanner, Intruder, Repeater, Proxy History and also you can choose whatever HTTP VERB what do you want to customize. Usage Easy to use ! : Don't forget to click save button ! Changelog 24...

7.3AI score
Exploits0References3
Prion
Prion
added 2019/07/02 9:15 p.m.19 views

Buffer overflow

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the system logs. As a part of doing that it retrieves the HTTP VERB sent by the user and uses a vulnerable...

5.8CVSS9.1AI score0.05732EPSS
Exploits0References3
Prion
Prion
added 2018/11/13 8:29 p.m.23 views

Design/Logic Flaw

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

4CVSS4.8AI score0.00888EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/11/13 8:29 p.m.23 views

CVE-2018-2483

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

4.3CVSS4.7AI score0.00888EPSS
Exploits0References3
OSV
OSV
added 2018/11/13 8:29 p.m.8 views

CVE-2018-2483

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

4.3CVSS5.8AI score0.00888EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/11/13 8:0 p.m.27 views

CVE-2018-2483

HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console CMC by changing request method...

4.7AI score0.00888EPSS
Exploits0References3
CVE
CVE
added 2018/11/13 8:0 p.m.48 views

CVE-2018-2483

SAP BusinessObjects BI Platform CMC (versions 4.1 and 4.2) is affected by HTTP Verb Tampering caused by how request methods can be manipulated. Vulnerable component: Central Management Console. Reported impact includes bypassing security restrictions and tampering with HTTP verbs. No explicit exp...

4.3CVSS4.7AI score0.00888EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder