Re: Checking existence of firewalled URLs via javascript’s script.onload
Posted by Jonathan Gregson via Fulldisclosure on Apr 28 Hi Georgi, As you suggested, this is a CSRF attack. Using such techniques to attack or...
CVE-2020-4729
IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker...
USN-6047-1: Linux kernel vulnerability
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker...
CVE-2022-25091
Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the...
USN-6046-1: OpenSSL-ibmca vulnerabilities
It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information.
CVE-2020-36070
Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media...
USN-6042-1: Cloud-init vulnerability
James Glovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their...
USN-6017-2: Ghostscript vulnerability
USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: Hadrien Perrineau discovered that Ghostscript incorrectly handled certain...
USN-6045-1: Linux kernel vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker...
USN-6044-1: Linux kernel vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker...