-
## CVE-2022-38750 - Medium Severity Vulnerability
Vulnerable Libraries - snakeyaml-1.24.jar, snakeyaml-1.13.jar, snakeyaml-1.23.jar
snakeyaml-1.24.jar
YAML 1.1 parser and emitter for Java
Library …
-
SHS is a very nice protocol if used over TCP but what if I need to use it over UDP? If `K` is kept in secret than it can be enough to prevent DoS attacks but what if `K` is public? With `K` an attacke…
-
### Configuration
impacket version: Impacket v0.10.0 - Copyright 2022 SecureAuth Corporation
Python version: 3.8.4
Target OS: mac os 10.15.5
### Debug Output With Command String
i.e.
…
-
I would like to report several security vulnerabilities that I found while using this OAuth server library.
The vulnerabilities and their consequences are listed as following:
**Vulnerability 1:…
-
### What happened?
I am a member of a group investigating automated testing of QUIC protocol implementations. During our tests involving a XQUIC implementation with the commit version 00f62288, w…
-
when will ovh internal ddos attacks be fixed ? its way to easy to buy ovh servers from resellers for $5 and use them to attack other ovh bypassing the pre firewall and any mitigation and clogging the …
-
We allow for entry of data into the download request email field. Most users will only enter email addresses, but an attacker may attempt to run code server-side through this field. May want to check …
-
The initial implementation of `vpc-vpn-pivot` is starting a VPN server in AWS Client VPN. In order to do that, the compromised AWS credentials require rather uncommon privileges (unless you have `*:*`…
-
## CVE-2021-34428 - Low Severity Vulnerability
Vulnerable Library - jetty-server-9.4.26.v20200117.jar
The core jetty server artifact.
Library home page: https://webtide.com
Path to dependency file: …
-
**Description**:
Miss placed [[NPC]Nether Anomaly#19686, ID: 2](https://www.wowhead.com/npc=19686/nether-anomaly)
making the [[NPC]Sunfury Bloodwarder#18853, ID: 18,19,20,21](https://www.wowhead.co…