Lucene search
K

1156 matches found

n0where
n0where
added 2018/12/03 11:15 p.m.97 views

Kernel-Mode Rootkit Hunter: Tyton

Loadable kernel modules, LKMs for short, are an integral companion to the Linux kernel. Typically, LKMs are used to add support for new hardware as device drivers or file systems or add additional system calls. Without LKMs, an operating system would have to include all possible anticipated...

0.3AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2018/11/09 12:0 a.m.7 views

The vulnerability of the WLS Core Components of the Oracle WebLogic Server application server allows a hacker to execute arbitrary code.

The vulnerability of the WLS Core Components component of the Oracle WebLogic Server application server is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the T3 network protocol from a remote location...

10CVSS8.3AI score0.63188EPSS
Exploits0References5Affected Software1
Debian
Debian
added 2018/10/12 8:45 p.m.32 views

[SECURITY] [DSA 4315-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4315-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 12, 2018 https://www.debian.org/security/faq -...

7.5CVSS8.6AI score0.03459EPSS
Exploits0
CNVD
CNVD
added 2018/10/09 12:0 a.m.1 views

Samsung SCX-6545X Sensitive Authentication Credentials Disclosure Vulnerability

The Samsung SCX-6545X is a multifunctional printing device. A security vulnerability exists in the Samsung SCX-6545X, which allows remote attackers to exploit the vulnerability to submit a special SNMP request to obtain sensitive information...

9.8CVSS9.3AI score0.01367EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/10/09 12:0 a.m.8 views

PT-2018-2078 · Microsoft · Windows 10 Servers +6

Name of the Vulnerable Software and Affected Versions: Windows Server 2012 R2 Windows RT 8.1 Windows Server 2016 Windows 8.1 Windows 10 Windows 10 Servers Description: An information disclosure issue exists due to the improper handling of fragmented IP packets by the Windows TCP/IP stack. This ca...

7.5CVSS7.7AI score0.08421EPSS
Exploits0References8
OSV
OSV
added 2018/10/05 2:29 p.m.4 views

CVE-2018-0455

A vulnerability in the Server Message Block Version 2 SMBv2 and Version 3 SMBv3 protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. ...

7.5CVSS5.8AI score0.01485EPSS
Exploits0References1
Talos
Talos
added 2018/09/25 12:0 a.m.54 views

Epee Levin Packet Deserialization Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Levin deserialization functionality of the epee library. A specially crafted network packet can cause a logic flaw, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Tested Versions Monero...

10CVSS9.7AI score0.03686EPSS
Exploits1
exploitpack
exploitpack
added 2018/08/19 12:0 a.m.25 views

SEIG SCADA System 9 - Remote Code Execution

SEIG SCADA System 9 - Remote Code Execution Title: SEIG SCADA SYSTEM 9 - Remote Code Execution Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link:...

10CVSS0.4AI score0.21262EPSS
Exploits8
Kitploit
Kitploit
added 2018/08/15 9:12 p.m.14 views

Polymorph - A Real-Time Network Packet Manipulation Framework With Support For Almost All Existing Protocols

Polymorph is a framework written in Python 3 that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of network packets that implemen...

6.8AI score
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.6 views

The vulnerability of the InnoDB component of the MySQL database management system allows a hacker to gain unauthorized access to protected data or cause service failures.

The vulnerability of the InnoDB component of the MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data and cause network protocol-related service failure...

7.5CVSS7.2AI score0.03162EPSS
Exploits0References3Affected Software5
FireEye
FireEye
added 2018/06/07 10:0 a.m.526 views

A Totally Tubular Treatise on TRITON and TriStation

Introduction In December 2017, FireEye's Mandiant discussed an incident response involving the TRITON framework. The TRITON attack and many of the publicly discussed ICS intrusions involved routine techniques where the threat actors used only what is necessary to succeed in their mission. For bot...

7.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/06/07 12:0 a.m.5 views

The vulnerability of the Junos operating system, related to packet processing errors in CLNP, allows a attacker to execute arbitrary code or trigger a kernel error.

The vulnerability of the Junos operating system is related to errors in packet processing within the CLNP protocol. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a kernel error by using specially crafted CLNP packets...

8.5CVSS6AI score0.0423EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2018/05/09 8:29 p.m.19 views

CVE-2017-14480

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

10CVSS9.8AI score0.06084EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/05/09 8:0 p.m.27 views

CVE-2017-14479

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

9.8CVSS9.8AI score0.06084EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2018/04/20 12:0 a.m.39 views

Juniper Junos Connectionless Network Protocol (CLNP) Packet Handling Unspecified Remote Code Execution / DoS (JSA10844)

According to its self-reported version number, the remote Juniper Junos device is affected by an unspecified flaw that is triggered when handling Connectionless Network Protocol CLNP packets. This allows a remote attacker to crash a device or execute arbitrary code. Note: This issue is only...

9.8CVSS8.6AI score0.0423EPSS
Exploits0References2
Debian
Debian
added 2018/04/18 8:15 p.m.37 views

[SECURITY] [DLA 1353-1] wireshark security update

Package : wireshark Version : 1.12.1+g01b65bf-4+deb8u6deb7u10 CVE ID : CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7332 CVE-2018-7334 CVE-2018-7335 CVE-2018-7336 CVE-2018-7337 CVE-2018-7417 CVE-2018-7418 CVE-2018-7419 CVE-2018-7420 It was discovered that wireshark, a network protocol...

7.5CVSS8.5AI score0.02743EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/04/12 12:0 a.m.6 views

The vulnerability of the Kernel component of the Solaris operating system, which allows a hacker to trigger a service failure

The vulnerability of the Kernel component of the Solaris operating system is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures using the ICMP protocol...

7.8CVSS7.8AI score0.0243EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2018/04/10 12:0 a.m.20 views

tcpdump: Buffer over-read in print-isoclns.c:isoclns_print() in ISO CLNS parser

The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclnsprint...

9.8CVSS7.6AI score0.02527EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2018/04/09 12:0 a.m.63 views

CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure

Advisory: CyberArk Password Vault Memory Disclosure Data in the CyberArk Password Vault may be accessed through a proprietary network protocol. While answering to a client's logon request, the vault discloses around 50 bytes of its memory to the client. Details ======= Product: CyberArk Password...

5.3CVSS5.2AI score0.14116EPSS
Exploits12
0day.today
0day.today
added 2018/04/09 12:0 a.m.68 views

CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure Vulnerability

Exploit for linux platform in category dos / poc Advisory: CyberArk Password Vault Memory Disclosure Data in the CyberArk Password Vault may be accessed through a proprietary network protocol. While answering to a client's logon request, the vault discloses around 50 bytes of its memory to the...

0.14116EPSS
Exploits12
Rows per page
Query Builder