CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

378 matches found

Kitploit•added 2014/07/15 3:3 a.m.•14 views

Dirs3arch - HTTP(S) Directory/File Brute Forcer

dirs3arch is a simple command line tool designed to brute force directories and files in websites. Features Keep alive connections Multithreaded Detect not found web pages when 404 not found errors are masked .htaccess, web.config, etc. Recursive brute forcing Usage: dirs3arch.py -u|--url target...

7.3AI score

Exploits0References1

seebug.org•added 2014/07/01 12:0 a.m.•25 views

ProSysInfo TFTP server TFTPDWIN <= 0.4.2 Univ. Remote BOF Exploit

No description provided by source. !/usr/bin/perl ProSysInfo TFTP server TFTPDWIN = 0.4.2 Universal Remote Buffer Overflow Exploit Works on all Windows versions. ---------------------------------------- Exploit by SkD [email protected] Let's take a description from their page at:...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•17 views

Apple OS X iTunes 8.1.1 ITMS Overflow

No description provided by source. $Id: itmsoverflow.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•24 views

Simple Machines Forum 1.1.3 - Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL...

6.7AI score

Exploits0

Positive Technologies•added 2014/06/26 12:0 a.m.•1 views

PT-2017-6406 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.15.2 Description: A race condition in the ip4 datagram release cb function allows local users to gain privileges or cause a denial of service use-after-free by leveraging incorrect expectations about locking...

7.8CVSS6.9AI score0.14138EPSS

Exploits0References215

Tenable Nessus•added 2014/06/13 12:0 a.m.•25 views

openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)

Multithreaded OpenSSL servers using the TLS server extension are vulnerable to a buffer overrun attack CVE-2010-3864. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libopenssl-devel-3562. The...

7.6CVSS7.8AI score0.04817EPSS

Exploits0References3

Kitploit•added 2014/06/10 10:15 p.m.•58 views

Nosql-Exploitation-Framework - A FrameWork For NoSQL Scanning and Exploitation Framework

A FrameWork For NoSQL Scanning, Enumeration and Exploitation. NoSQL Databases are schema less databases. They were invented to store data easily and flexibly. NoSQL Databases have gained popularity and its security has always been under the scanner. The NoSQL Exploitation Framework focuses...

7.4AI score

Exploits0References3

RedHat Linux•added 2014/06/10 12:23 p.m.•3 views

openssl: freelist misuse causing a possible use-after-free

Race condition in the ssl3readbytes function in s3pkt.c in OpenSSL through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service use-after-free and parsing error via an SSL connection in a multithreaded environment...

4CVSS6.6AI score0.15758EPSS

Exploits0References5

OSV•added 2014/04/14 10:38 p.m.•1 views

DEBIAN-CVE-2010-5298

4CVSS9.3AI score0.15758EPSS

Exploits0References1

Prion•added 2014/04/14 10:38 p.m.•21 views

Race condition

4CVSS7.3AI score0.15758EPSS

Exploits0References82Affected Software7

CVE•added 2014/04/14 4:0 p.m.•185 views

CVE-2010-5298

CVE-2010-5298 – OpenSSL race condition in ssl3_read_bytes (s3_pkt.c) . OpenSSL versions up to 1.0.1g are affected when SSL_MODE_RELEASE_BUFFERS is enabled, enabling a remote attacker to inject data across sessions or cause a denial of service (use-after-free and parsing error) over an SSL connect...

4CVSS7AI score0.15758EPSS

Exploits0References82Affected Software1

Debian CVE•added 2014/04/14 4:0 p.m.•36 views

CVE-2010-5298

4CVSS7.4AI score0.15758EPSS

Exploits0

Cvelist•added 2014/04/14 4:0 p.m.•25 views

CVE-2010-5298

7.1AI score0.15758EPSS

Exploits0References82

UbuntuCve•added 2014/04/14 12:0 a.m.•42 views

CVE-2010-5298

4CVSS7AI score0.15758EPSS

Exploits0References6

OpenSSL•added 2014/04/08 12:0 a.m.•62 views

Vulnerability in OpenSSL - SSL_MODE_RELEASE_BUFFERS session injection or denial of service

A race condition in the ssl3readbytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSLMODERELEASEBUFFERS is enabled, which is not the default and not common...

7AI score0.15758EPSS

Exploits0Affected Software1

OSV•added 2014/02/14 3:55 p.m.•1 views

DEBIAN-CVE-2014-1950

Use-after-free vulnerability in the xccpupoolgetinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xccpumapalloc function, which allows local users with access to management functions to cause a denial of service heap corrupti...

4.6CVSS6.8AI score0.00083EPSS

Exploits0References1