60 matches found
EUVD-2020-5822
Malware in sbrugna...
EUVD-2020-5823
Malware in sbrugna...
EUVD-2021-8955
Malicious code in bioql PyPI...
EUVD-2024-54701
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-13576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote co...
CVE-2024-51980
An unauthenticated attacker may perform a limited server side request forgery SSRF, forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service HTTP TCP port 80 SOAP request. The...
CVE-2024-51981
An unauthenticated attacker may perform a blind server side request forgery SSRF, due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control al...
CVE-2024-51980 Unauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.
An unauthenticated attacker may perform a limited server side request forgery SSRF, forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service HTTP TCP port 80 SOAP request. The...
CVE-2024-51980
CVE-2024-51980 is an unauthenticated SSRF that, via WS-Addressing ReplyTo in a SOAP web service on HTTP (port 80), forces affected devices to open a TCP connection to an arbitrary IP/port. The vulnerability is reported across multiple Brother Konica Minolta, FUJIFILM, Ricoh, and Toshiba devices (...
CVE-2024-51980 Unauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.
An unauthenticated attacker may perform a limited server side request forgery SSRF, forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service HTTP TCP port 80 SOAP request. The...
PT-2025-26814 · Brother Industries +4 · Ads-2400N +680
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated attacker may perform a blind server side request forgery SSRF, due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages t...
CVE-2021-21783
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
Updated gsoap packages fix security vulnerabilities
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability CVE-2020-13574. A denial-of-service vulnerability exists in...
MGASA-2021-0263 Updated gsoap packages fix security vulnerabilities
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability CVE-2020-13574. A denial-of-service vulnerability exists in...
openSUSE Security Update : gsoap (openSUSE-2021-632)
This update for gsoap fixes the following issues : - CVE-2020-13576: Fixed a remote code execution via specially crafted SOAP request inside the WS-Addressing plugin boo1182098 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...
OPENSUSE-SU-2021:0664-1 Security update for gsoap
This update for gsoap fixes the following issues: - CVE-2020-13576: Fixed a remote code execution via specially crafted SOAP request inside the WS-Addressing plugin boo1182098 This update was imported from the openSUSE:Leap:15.2:Update update project...
OPENSUSE-SU-2021:0632-1 Security update for gsoap
This update for gsoap fixes the following issues: - CVE-2020-13576: Fixed a remote code execution via specially crafted SOAP request inside the WS-Addressing plugin boo1182098...
DEBIAN-CVE-2021-21783
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2021-21783
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2021-21783
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...