574 matches found
Jupyter Notebook JavaScript Malicious Fake File Vulnerability
Jupyter Notebook is a suite of open source web applications for creating and sharing code and illustrative text documents. A security vulnerability exists in Jupyter Notebook versions prior to 5.4.1. An attacker can exploit this vulnerability to execute JavaScript code in a notepad context with t...
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service Exploit
Exploit for iOS platform in category dos / poc Exploit Title: TpwnT - iOS Denail of Service POC Date: 10-31-2017 Exploit Author: Russian Otter Ro Vendor Homepage: https://support.apple.com/en-us/HT208222 Version: 2.1 Tested on: iOS 10.3.2 - 11.1 CVE: CVE-2017-13849 """ -------------------------...
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service
Exploit Title: TpwnT - iOS Denail of Service POC Date: 10-31-2017 Exploit Author: Russian Otter Ro Vendor Homepage: https://support.apple.com/en-us/HT208222 Version: 2.1 Tested on: iOS 10.3.2 - 11.1 CVE: CVE-2017-13849 """ ------------------------- CVE-2017-13849 TpwnT by Ro of SavSec...
notepad-plus-plus.org XSS vulnerability
Open Bug Bounty ID: OBB-385810 Description| Value ---|--- Affected Website:| notepad-plus-plus.org Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...
How to obtain expiration date of the "Distribution Provisioning Profile (.MOBILEPROVISION)" file of an iOS (.iPA) application
What is the "Distribution Provisioning Profile .MOBILEPROVISION" File used by Apple Xcode, a software developmentIDEoften used for creating iPhone apps; contains a provisioning profile, which allows an app to be uploaded to a limited number of iPhones or iPads while it is still in development. Yo...
Notepad++ Hex Editor Plugin BOF Vulnerability (Aug 2017)
Notepad++ is prone to a buffer overflow BOF vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Notepad++ Buffer Overflow Vulnerability (CNVD-2017-13995)
Notepad++ is a free plain text editor developed by software developer Don Ho. It can be used to create plain text help files, and is also suitable for use as an editor for writing computer programs.Hex Editor Plugin is an editor used in... A buffer overflow vulnerability exists in Notepad++. An...
CVE-2017-8803
Notepad++ 7.3.3 32-bit with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues...
CVE-2017-8803
Notepad++ 7.3.3 32-bit with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues...
Design/Logic Flaw
Notepad++ 7.3.3 32-bit with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues...
CVE-2017-8803
Notepad++ 7.3.3 32-bit with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues...
CVE-2017-8803
Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 is affected by CVE-2017-8803 due to a Data from Faulting Address controls Code Flow vulnerability. An attacker can trigger arbitrary code execution by processing a specially crafted file, potentially remotely, leading to user-assisted or remo...
KLA11062 Arbitrary code execution vulnerability in Notepad++
An unspecified vulnerability was found in Notepad++ 7.3.3 with Hex Editor Plugin v0.9.5. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file or an untrusted specially designed file from a remote...
Heap Overflow Vulnerability in Notepad++ MIME Tools Plugin 2.1 memove Function
Notepad++ is a free plain text editor. A heap overflow vulnerability exists in the Notepad++ MIME Tools Plugin 2.1 memove function, which can be exploited by a remote attacker to construct a special text file that can be tricked into parsing by the application, which can crash the application...
KLA10972 CIA hacking issue in Notepad++
An issue of a hijacked DLL was found in Notepad++. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a sciexer.dll, which is replaced by version of sciexer.dll built by CIA. Technical details This vulnerability has...
ColorNote Notepad Notes - Customized SSL, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application ColorNote Notepad Notes published at the 'play' market has multiple vulnerabilities...
NetWire RAT Back, Stealing Payment Card Data
The remote access Trojan NetWire is back and this time making the rounds pilfering payment card data. The move is a shift for attackers behind notorious NetWire, that was once thought to be the first multi-platform RAT. Over the last couple of years payment card breaches have been mostly synonymo...
Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit) Exploit
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class MetasploitModule...
Notepad++ Native Code Execution Vulnerability
Notepad++ is a free plain text editor developed by software developer Don Ho, which can be used to create plain text help files and is also suitable for use as an editor for writing computer programs. A local code execution vulnerability exists in Notepad++. A local attacker could exploit this...
notepad-plus-plus.org XSS vulnerability
Vulnerable URL: https://notepad-plus-plus.org/community/?lang=%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 7593 VIP website status:| Yes...