Lucene search
K

228 matches found

NVD
NVD
added 2021/08/04 6:15 p.m.20 views

CVE-2021-38111

The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI Near Field Magnetic Induction protocol...

8.8CVSS0.01332EPSS
Exploits1References2
Prion
Prion
added 2021/08/04 6:15 p.m.25 views

Buffer overflow

The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI Near Field Magnetic Induction protocol...

5.8CVSS8.8AI score0.01332EPSS
Exploits1References2
CVE
CVE
added 2021/08/04 12:0 a.m.51 views

CVE-2021-38111

The CVE-2021-38111 entry concerns the DEF CON 27 badge, which communicates over NFMI. The vulnerability is a buffer overflow caused by receiving an oversized NFMI packet, enabling remote attackers to potentially exploit the device. The CVSS metrics in the initial record show a CVSS 3.1 base score...

8.8CVSS8.8AI score0.01332EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/08/04 12:0 a.m.22 views

CVE-2021-38111

The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI Near Field Magnetic Induction protocol...

9.1AI score0.01332EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2021/08/04 12:0 a.m.5 views

CVE-2021-38111

The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI Near Field Magnetic Induction protocol...

8.9AI score0.01332EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2021/07/28 5:44 p.m.59 views

Reboot of PunkSpider Tool at DEF CON Stirs Debate

Researchers will release a reboot of a controversial tool that crawls the web to identify back-end vulnerabilities in websites in the hopes that companies will quickly fix them and reduce security risks. However, experts have mixed feelings about the tool called PunkSpider, created by the analyti...

7.1AI score
Exploits0References14
Debian CVE
Debian CVE
added 2021/06/02 3:49 p.m.29 views

CVE-2020-6950

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter...

6.5CVSS7.2AI score0.10124EPSS
Exploits0
OSV
OSV
added 2021/05/26 12:15 p.m.11 views

DEBIAN-CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fgconsole is not properly synchronized leading to a use after free in confontop...

7CVSS6.1AI score0.01026EPSS
Exploits1References1
Imperva Blog
Imperva Blog
added 2021/05/25 12:47 p.m.39 views

Why Geek Pride Day is Something to be Proud Of

It’s fair to say that the majority of us who work in cybersecurity are ‘of a certain mindset’. There’s something that comes with the culture and tradition of personal computing, coding, and data that fosters an interest in elements of geek counter culture. Happy to wear our fandoms, obsessions, a...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/05/18 3:49 p.m.3 views

kernel: race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys, causing a use-after-free in con_shutdown().

A use-after-free flaw was found in the Linux kernel’s Virtual Terminal subsystem in how a user calls the VTDISALLOCATE ioctl during the closing/opening of ttys. This flaw allows a local user to crash the system...

5.1CVSS6.6AI score0.00196EPSS
Exploits0References5
CNVD
CNVD
added 2020/11/03 12:0 a.m.7 views

Linux kernel code issue vulnerability (CNVD-2020-61025)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A code issue vulnerability exists in Linux kernel confontop, which arises from an improperly designed or implemented code development process for a networked system or...

7CVSS6.9AI score0.01026EPSS
Exploits1References1
OSV
OSV
added 2020/11/02 12:0 a.m.9 views

UBUNTU-CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fgconsole is not properly synchronized leading to a use after free in confontop...

7CVSS6.6AI score0.01026EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2020/09/07 1:5 p.m.3 views

Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371

A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files...

7.5CVSS7AI score0.10124EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/09/07 12:58 p.m.3 views

Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371

A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files...

7.5CVSS7AI score0.10124EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/09/07 12:58 p.m.4 views

Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371

A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files...

7.5CVSS7AI score0.10124EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/09/07 12:57 p.m.3 views

Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371

A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files...

7.5CVSS7AI score0.10124EPSS
Exploits0References9
Kitploit
Kitploit
added 2020/08/15 12:30 p.m.160 views

Phirautee - A PoC Crypto Virus To Spread User Awareness About Attacks And Implications Of Ransomwares

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanentl...

7.2AI score
Exploits0References3
The Hacker News
The Hacker News
added 2020/08/12 10:45 a.m.35 views

Flaws in Samsung Phones Exposed Android Users to Remote Attacks

New research disclosed a string of severe security vulnerabilities in the 'Find My Mobile'—an Android app that comes pre-installed on most Samsung smartphones—that could have allowed remote attackers to track victims' real-time location, monitor phone calls, and messages, and even delete data...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/08/10 9:25 a.m.5 views

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...

6.5CVSS7AI score0.19193EPSS
Exploits4
The Hacker News
The Hacker News
added 2020/08/10 9:25 a.m.73 views

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...

6.5CVSS0.4AI score0.19193EPSS
Exploits4
Rows per page
Query Builder