Lucene search
K

545 matches found

Metasploit
Metasploit
added 2021/05/18 5:42 p.m.85 views

SaltStack Salt Information Gatherer

This module gathers information from SaltStack Salt masters and minions. Data gathered from minions: 1. salt minion config file Data gathered from masters: 1. minion list denied, pre, rejected, accepted 2. minion hostname/ip/os depending on module settings 3. SLS 4. roster, any SSH keys are...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2021/04/17 12:30 p.m.6477 views

Android-PIN-Bruteforce - Unlock An Android Phone (Or Device) By Bruteforcing The Lockscreen PIN

Unlock an Android phone or device by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! How it works It uses a USB OTG cable to connect the locked phone to the Nethunter device. It emulates a keyboard, automatically tries PINs, and...

7.5AI score
Exploits0References10
Cvelist
Cvelist
added 2021/04/16 10:15 a.m.19 views

CVE-2021-22539 Code execution in VSCode-bazel via malicious Bazel config files

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint .bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recomme...

8.2CVSS8.4AI score0.0031EPSS
Exploits0References2
OSV
OSV
added 2021/04/13 7:15 p.m.4 views

CVE-2021-22717

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in C-Bus Toolkit V1.15.7 and prior that could allow a remote code execution when processing config files...

8.8CVSS7.8AI score0.38912EPSS
Exploits0References2
Prion
Prion
added 2021/04/13 7:15 p.m.19 views

Path traversal

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in C-Bus Toolkit V1.15.7 and prior that could allow a remote code execution when processing config files...

6.5CVSS8.9AI score0.38912EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/04/13 6:31 p.m.20 views

CVE-2021-22717

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in C-Bus Toolkit V1.15.7 and prior that could allow a remote code execution when processing config files...

9.2AI score0.38912EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/24 12:0 a.m.24 views

Fedora: Security Advisory for kde-settings (FEDORA-2021-f68a5a75ba)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS7.1AI score0.03422EPSS
Exploits1References2
Fedora
Fedora
added 2021/03/23 12:18 a.m.50 views

[SECURITY] Fedora 34 Update: kde-settings-34.0-9.fc34

Config files for kde...

7.1CVSS1.6AI score0.03422EPSS
Exploits1
OSV
OSV
added 2021/02/11 9:15 p.m.0 views

CVE-2021-21055

Adobe Dreamweaver versions 21.0 and earlier and 20.2 and earlier is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver...

6.2CVSS6.5AI score0.00787EPSS
Exploits0References1
Kitploit
Kitploit
added 2021/01/18 8:30 p.m.781 views

BigBountyRecon - This Tool Utilises 58 Different Techniques To Expediate The Process Of Intial Reconnaissance On The Target Organisation

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation. Reconnaissance is the most important step in any penetration testing or a bug hunting process. It provides an attacke...

9.8CVSS10AI score0.99193EPSS
Exploits5References2
NVD
NVD
added 2020/12/21 6:15 p.m.12 views

CVE-2020-4843

IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. IBM X-Force ID: 190048...

6.3CVSS4.5AI score0.00495EPSS
Exploits0References2
OSV
OSV
added 2020/12/21 6:15 p.m.3 views

CVE-2020-4843

IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. IBM X-Force ID: 190048...

4.3CVSS6.3AI score0.00495EPSS
Exploits0References2
Prion
Prion
added 2020/12/21 6:15 p.m.13 views

Information disclosure

IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. IBM X-Force ID: 190048...

4CVSS4AI score0.00495EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/12/21 6:5 p.m.15 views

CVE-2020-4843

IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. IBM X-Force ID: 190048...

6.3CVSS4.1AI score0.00495EPSS
Exploits0References2
CVE
CVE
added 2020/12/21 6:5 p.m.41 views

CVE-2020-4843

The CVE-2020-4843 issue affects IBM Security Secret Server (all versions) where configuration files can disclose sensitive data to an authenticated user. Root causes include information disclosure via stored config files; published CVSS scores range from 4.3 (3.1) to 6.3 (3.0) in IBM advisories, ...

6.3CVSS4AI score0.00495EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2020/12/21 12:0 a.m.5 views

IBM Security Secret Server 信息泄露漏洞

IBM Security Secret Server is a set of privileged access management solutions from IBM USA. The product supports password management, privileged account identification and privileged session access monitoring and logging. An information disclosure vulnerability exists in IBM Security Secret Serve...

6.3CVSS6.4AI score0.00495EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/16 9:33 p.m.13 views

Security Bulletin: A Security Vulnerability Has Been Identified In IBM Security Secret Server

Summary A security vulnerability identified on IBM Security Secret Server has been addressed in the release 10.8. Vulnerability Details CVEID: CVE-2020-4843 DESCRIPTION: IBM Security Secret Server stores potentially sensitive information in config files that could be read by an authenticated user...

6.3CVSS1.2AI score0.00495EPSS
Exploits0Affected Software1
CVE
CVE
added 2020/11/04 2:35 p.m.65 views

CVE-2020-2318

CVE-2020-2318 affects the Jenkins Mail Commander Plugin for Jenkins-ci Plugin versions 1.0.0 and earlier. The root cause is that passwords are stored unencrypted in the job config.xml files on the Jenkins controller, allowing disclosure to users with Extended Read permission or with filesystem ac...

6.5CVSS6.4AI score0.01032EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/09/30 12:0 a.m.3 views

Foxit PhantomPDF Elevation of Privilege Vulnerability

PhantomPDF is a Chinese Foxit Foxit company for enterprise-level users of PDF document processing software. An elevation of privilege vulnerability exists in Foxit PhantomPDF 10.0.1.35811 and earlier versions in the handling of configuration files used by the update service. The vulnerability ste...

7.8CVSS7.4AI score0.01973EPSS
Exploits0References1
NVD
NVD
added 2020/07/02 3:15 p.m.12 views

CVE-2020-2208

Jenkins Slack Upload Plugin 1.7 and earlier stores a secret unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

4.3CVSS0.00691EPSS
Exploits0References2
Rows per page
Query Builder