CVE-2020-26979

When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what...

CVE-2020-26979

When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what...

CVE-2020-4912

IBM Cloud Pak System 2.3 Self Service Console could allow a privilege escalation by capturing the user request URL when logged in as a privileged user. IBM X-Force ID: 191287...

ctf_repo

This is a Python script for a CTF Capture The Flag challenge called "FunPwn" from the 2016 ASIS CTF game. The script is designed to automate the game by interacting with the game's console. Here's a breakdown of the script: 1. The script starts by importing the pwn module, which is a Python libra...

Wireshark 3.4.x < 3.4.1 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.4.1 advisory. - Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8...

Buffer Overflow

Wireshark is vulnerable to buffer overflow. The vulnerability is possible because it allows denial of service via packet injection or crafted capture file...

Wireshark Buffer Overflow Vulnerability (CNVD-2021-07124)

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. A buffer overflow vulnerability...

CVE-2020-26422

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

CVE-2020-26422

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

CVE-2020-26422

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

Buffer overflow

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

UBUNTU-CVE-2020-26422

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

CVE-2020-26422

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

CVE-2020-26422

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

CVE-2020-26422

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file...

My-CTF-Web-Challenges

This is a collection of CTF Capture The Flag web challenges created by orange. The repository contains source code, write-ups, and idea explanations for various challenges. The challenges are categorized by year, with challenges from HITCON 2018, 2019, and 2020, as well as other CTF events. The...

Security Bulletin: Datacap Taskmaster Capture is affected by vulnerable to server supports a deprecated SSL version (either SSLv2 or SSLv3)

Summary This is a fix related to configuration rather than a code change, can be made by the system administration who would be responsible for configuring and maintaining SSL certificates Vulnerability Details Third Party Entry: PSIRT-ADV0026274 DESCRIPTION: Created from Advisory: ADV0026274 CVS...

Security Bulletin: Datacap Taskmaster Capture is affected by vulnerable to weak cipher suites by successfully creating SSL connections

Summary AppScan determined that the site uses weak cipher suites by successfully creating SSL connections using each of the weak cipher suites listed here. Vulnerability Details Third Party Entry: PSIRT-ADV0026310 DESCRIPTION: Created from Advisory: ADV0026310 CVSS Base score: 5.9 CVSS Vector:...

Security Bulletin: Datacap Taskmaster Capture is affected by vulnerable to using a cookie without the "secure" attribute

Summary AppScan found that an encrypted session SSL is using a cookie without the "secure" attribute and this can be fixed by adding a setting in web.config file Vulnerability Details Third Party Entry: PSIRT-ADV0026307 DESCRIPTION: Created from Advisory: ADV0026307 CVSS Base score: 4.3 CVSS...

Customer Support System 1.0 SQL Injection

Exploit Title: Customer Support System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-11 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...