The vulnerability of the Fly-admin-dm graphical input configuration tool for the Astra Linux operating system allows a perpetrator to access confidential data.

The vulnerability of the Fly-admin-dm graphical input configuration tool in the Astra Linux operating system is related to security vulnerabilities that allow the capture of screens containing graphical windows displaying confidential data. Exploiting this vulnerability could enable a malicious...

Logic flaws exist in the OA system of Shandong Branch of Unicom Systems Integration Co.

Ltd. Shandong Province Branch is a wholly-owned listed branch of China Unicom, with a registered capital of RMB 550 million yuan at its headquarters, which is a large state-owned high-tech enterprise. There is a logic flaw vulnerability in the OA system of Unicom System Integration Ltd Shandong...

Aircrack-ng 1.5 - Complete Suite Of Tools To Assess WiFi Network Security

Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...

Framework for Rogue Wi-Fi Access Point Attack: WiFi-Pumpkin

The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor,...

Tools for capturing and analyzing keyboard input paired with microphone capture

The main goal is to exploit the sound produced by pressing keyboard keys as a side channel in order to guess the content of the text being typed. To achieve this, the algorithm takes as input a training set, consisting of an audio recording, together with the corresponding keys being typed during...

Android Security Bulletin—December 2018Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2018-12-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Kbd-Audio - Tools For Capturing And Analysing Keyboard Input Paired With Microphone Capture

This is a collection of command-line and GUI tools for capturing and analyzing audio data. The most interesting tool is called keytap - it can guess pressed keyboard keys only by analyzing the audio captured from the computer's microphone. Build instructions Dependencies: SDL2 - used to capture...

Track People on the Internet: trape

Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their...

Closing the Gap: An Exciting Initiative to Drive More Gender Diversity in Tech

We all know there’s a global IT skills crisis. In cybersecurity things are even worse, with a shortfall of nearly three million roles estimated today — 500,000 of which are in North America. Today women comprise just 24% of the workforce yet half of the global population. Why is this? Women were...

Vulnerability in the "User's Avatar" of the App of the East Presentation Association

East Presentation Club APP is a hotel booking platform. An override access vulnerability exists in the "user avatar" section of Dongcheng Club APP. An attacker can traverse the key field to obtain sensitive information of other users by grabbing packets...

Polycom Trio Improper Access Control Vulnerability

Polycom Trio is a Polycom Trio series of business conference phones.The Bluetooth subsystem is one of the Bluetooth subsystems. A security vulnerability exists in the Bluetooth subsystem on Polycom Trio using software versions prior to 5.5.4, which stems from the program failing to enforce proper...

Overstepping Access Vulnerability in Rattle Car Rental App

Rattle Rental App is a car rental app. There is an overstepping access vulnerability in Ringer Rental Car APP. Attackers can use the vulnerability to capture packets to obtain sensitive information of other users...

Security Vulnerability in Internet-Connected Construction Cranes

This seems bad: The F25 software was found to contain a capture replay vulnerability -- basically an attacker would be able to eavesdrop on radio transmissions between the crane and the controller, and then send their own spoofed commands over the air to seize control of the crane. "These devices...

Ltd. cloud collection of any content plug-ins exist in any file read vulnerability

The Cloud Capture Any Content Plugin by Heyuan Zhongda Culture Media Co. is a free collection plugin. There is an arbitrary file reading vulnerability in the Heyuan Zhongda Culture Media Limited Cloud Capture Any Content Plugin. Attacks can use this vulnerability to obtain sensitive information o...

Telecrane F25 Series

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Low skill level to exploit Vendor: Telecrane Equipment: F25 Series Vulnerability: Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands,...

CVE-2018-5156

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1, Firefox ESR...

CVE-2018-5156

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1, Firefox ESR...

DEBIAN-CVE-2018-5156

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1, Firefox ESR...

CVE-2018-5156

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1, Firefox ESR...

CVE-2018-5156

The CVE-2018-5156 entry describes a vulnerability in media capture: when the media source type is changed during capture, stream data can be cast to the wrong type, causing a crash. Affected products include Thunderbird