High-Severity SHAREit App Flaws Open Files for the Taking
Two high-severity flaws in the SHAREit Android app allow an attacker to bypass the file transfer application’s device authentication mechanism – and ultimately download content and arbitrary files from the victim’s device, along with a raft of data such as Facebook tokens and cookies. SHAREit is ...
Cisco Network Convergence System 1000 Series IOS XR Software Information Disclosure Vulnerability
Cisco Network Convergence System 1000 Series is a network convergence system from Cisco of the United States. An information disclosure vulnerability exists in the IOS XR Software prior to version 6.5.2 in the Cisco Network Convergence System 1000 Series, which stems from the program's...
CVE-2019-1681
A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. The vulnerability is due to improper validation of...
AirDrop 2.0 - Denial of Service (DoS)
AirDrop 2.0 - Denial of Service DoS include include include include include include include include include include include // // Author: Marcelo Vázquez aka s4vitar // AirDrop 2.0 Remote Denial of Service DoS // // Exploit Title: AirDrop 2.0 Remote Denial of Service DoS // Date: 2019-02-21 //...
AirDrop 2.0 Denial Of Service
include include include include include include include include include include include // // Author: Marcelo Vázquez aka s4vitar // AirDrop 2.0 Remote Denial of Service DoS // // Exploit Title: AirDrop 2.0 Remote Denial of Service DoS // Date: 2019-02-21 // Exploit Author: Marcelo Vázquez aka...
AirDrop 2.0 - Denial of Service Exploit
include include include include include include include include include include include // // Author: Marcelo Vázquez aka s4vitar // AirDrop 2.0 Remote Denial of Service DoS // // Exploit Title: AirDrop 2.0 Remote Denial of Service DoS // Date: 2019-02-21 // Exploit Author: Marcelo Vázquez aka...
AirDrop 2.0 - Denial of Service (DoS)
include include include include include include include include include include include // // Author: Marcelo Vázquez aka s4vitar // AirDrop 2.0 Remote Denial of Service DoS // // Exploit Title: AirDrop 2.0 Remote Denial of Service DoS // Date: 2019-02-21 // Exploit Author: Marcelo Vázquez aka...
Securely and Anonymously Send and Receive Files: OnionShare
OnionShare is an open source tool for securely and anonymously sending and receiving files using Tor onion services. It works by starting a web server directly on your computer and making it accessible as an unguessable Tor web address that others can load in Tor Browser to download files from yo...
The vulnerability of the LFTP component in the Oracle Solaris operating system, which allows an intruder to gain unauthorized access to data.
The vulnerability of the LFTP component in the Oracle Solaris operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to data using the FTP protocol...
Important: libvncserver
Issue Overview: LibVNC contains a heap out-of-bounds write vulnerability in the server code of the file transfer extension that can result in remote code execution (CVE-2018-15127). Affected Packages: libvncserver. Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for...
VulnCheck KEV: CVE-2019-9806
A vulnerability exists during authorization prompting for FTP transactions where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefox 66...
ALPINE-CVE-2019-6109
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This...
CVE-2019-6109
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This...
The vulnerability of the MFT Runtime Server component of the Oracle Managed File Transfer file manager allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the MFT Runtime Server file manager of Oracle Managed File Transfer is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...
WordPress Ad Manager WD 1.0.11 Arbitrary File Download
Exploit Title: WordPress Plugin ad manager wd v1.0.11 - Arbitrary File Download Google Dork: N/A Date: 25.01.2019 Vendor Homepage: https://web-dorado.com/products/wordpress-ad-manager-wd.html Software: https://wordpress.org/plugins/ad-manager-wd Version: 1.0.11 Tested on: Win7 x64, Exploit Author...
WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download
WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download Exploit Title: WordPress Plugin ad manager wd v1.0.11 - Arbitrary File Download Google Dork: N/A Date: 25.01.2019 Vendor Homepage: https://web-dorado.com/products/wordpress-ad-manager-wd.html Software:...
WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download
Exploit Title: WordPress Plugin ad manager wd v1.0.11 - Arbitrary File Download Google Dork: N/A Date: 25.01.2019 Vendor Homepage: https://web-dorado.com/products/wordpress-ad-manager-wd.html Software: https://wordpress.org/plugins/ad-manager-wd Version: 1.0.11 Tested on: Win7 x64, Exploit Author...
Axway File Transfer Direct Path Traversal Vulnerability
Axway File Transfer Direct is a temporary file exchange solution from Axway France. A directory traversal vulnerability exists in Axway File Transfer Direct version 2.7.1. No details of the vulnerability are available at this time...
The vulnerability of the FTP Server component of the software controller in D-Link Central WiFi Manager allows a hacker to scan network ports and execute a “man-in-the-middle” attack.
The vulnerability of the FTP Server component of the software controller in the D-Link Central WiFi Manager’s centralized wireless network management system is related to incorrect security requirements. Exploiting this vulnerability allows a malicious actor to perform network port scanning and...
CVE-2019-6500
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring...