Lucene search
K

3678 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/09/25 5:54 a.m.2 views

Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates

Overview Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Yahoo Japan Corporation reported this vulnerability to JPCERT/CC to notify users of this issue through JVN. JPCERT/CC coordinated with Yahoo Japan...

5.4CVSS6.5AI score0.00354EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/09/25 12:0 a.m.29 views

JVN#48270605: Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates

Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version...

5.4CVSS6.2AI score0.00354EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/17 12:0 a.m.9 views

Box Detection via DNS

Binary data 8431.prm...

7.3AI score
Exploits0
NVD
NVD
added 2014/09/11 4:55 p.m.13 views

CVE-2014-5881

The Yahoo! Japan Box aka jp.co.yahoo.android.ybox application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00354EPSS
Exploits0References5
Prion
Prion
added 2014/09/11 4:55 p.m.14 views

Information disclosure

The Yahoo! Japan Box aka jp.co.yahoo.android.ybox application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00354EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/09/11 4:0 p.m.27 views

CVE-2014-5881

The Yahoo! Japan Box aka jp.co.yahoo.android.ybox application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00354EPSS
Exploits0References5
CVE
CVE
added 2014/09/11 4:0 p.m.52 views

CVE-2014-5881

The CVE-2014-5881 issue affects Yahoo! Japan Box for Android (jp.co.yahoo.android.ybox) where the app fails to verify SSL server certificates in versions up to 1.5.4 (and earlier), enabling man-in-the-middle attackers to decrypt or spoof traffic. Root cause: improper SSL certificate verification ...

5.4CVSS6AI score0.00354EPSS
Exploits0References5Affected Software1
Packet Storm
Packet Storm
added 2014/08/11 12:0 a.m.40 views

IBM Sametime Meet Server 8.5 Arbitrary File Upload

Exploit Title: IBM Sametime Meet Server 8.5 Arbitrary File Upload Google Dork: intitle:"New Meet - IBM Lotus Sametime" Date: 11/08/2014 CVSS Score: http://nvd.nist.gov/cvss.cfm?calculator&version=2&vector=AV:N/AC:M/Au:N/C:P/I:P/A:P CVE-ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3088...

5.5CVSS0.4AI score0.01971EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/08/03 12:0 a.m.2 views

FritzBox Webcm Unauthenticated Command Injection

A remote command injection vulnerability has been reported in different Fritz!Box devices. The vulnerability is due to insufficient validation within the web-based Interface. A remote attacker can exploit this vulnerability by submitting a maliciously crafted request to the web-based Interface...

3.4AI score
Exploits0
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.14 views

Ads Box - iframe_ampl.php count Parameter SQL Injection

The ads-box WordPress plugin was affected by an iframeampl.php count Parameter SQL Injection security vulnerability...

3.3AI score
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.9 views

wordpress-simple-shout-box - SQL Injection

The wordpress-simple-shout-box WordPress plugin was affected by a SQL Injection security vulnerability...

2.6AI score
Exploits0References1Affected Software1
Fedora
Fedora
added 2014/07/26 12:11 a.m.23 views

[SECURITY] Fedora 20 Update: ffgtk-0.8.6-7.fc20

Fritz Fun ffgtk is a clean solution for controlling the FRITZ!Box or compatible router with Linux. It offers a rich feature list, including call er monitor and fax support. It offers integration with the KDE, evolution and Thurderbird address books. Some plug-ins are packaged separately...

2.9CVSS2.6AI score0.01457EPSS
Exploits1
Kitploit
Kitploit
added 2014/07/09 2:30 a.m.15 views

SysExporter - Grab data from list-view, tree-view, combo box, WebBrowser control, and text-box

SysExporter utility allows you to grab the data stored in standard list-views, tree-views, list boxes, combo boxes, text-boxes, and WebBrowser/HTML controls from almost any application running on your system, and export it to text, HTML or XML file. Here's some examples for data that you can expo...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

ActiTime 2.0-MA CSRF Vulnerability

No description provided by source. |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | |...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple CSRF Vulnerabilities

No description provided by source. Exploit Title: Vanilla Forums = 2.0.18.8 & Van2Shout 1.0.51 Multiple CSRF Google Dork: n/a Date: 13/4/13 Exploit Author: Henry Hoggard Vendor Homepage: http://vanillaforums.org/ , http://vanillaforums.org/addon/van2shout-plugin Software Link:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit

No description provided by source. / CoolPlayer 2.19 Skin File Local Buffer Overflow Exploit Advisory: http://www.bmgsec.com.au/advisory/43/ Test box: WinXP Pro SP2 English Code reference is in skin.c, lines 464 - 480 Written and discovered by: r0ut3r writ3r at gmail.com / www.bmgsec.com.au /...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.40 views

chkrootkit 0.49 - Local Root Vulnerability

No description provided by source. We just found a serious vulnerability in the chkrootkit package, which may allow local attackers to gain root access to a box in certain configurations /tmp not mounted noexec. The vulnerability is located in the function slapper in the shellscript chkrootkit:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Joomla Component Juke Box com_jukebox Local File Inclusion Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Wireshark 1.10.7 - DoS PoC

No description provided by source. !/usr/bin/python Exploit Title: Wireshark Read Access Violation near NULL starting at libcairo2!cairoimagesurfacegetdata Date: May 15th 2014 Author: Osanda Malith Jayathissa E-Mail: osandajayathissaatgmail.com Version: 1.10.7 32-bit and 64-bit Vendor Homepage:...

7.1AI score
Exploits0
Rows per page
Query Builder