2064 matches found
CVE-2016-0854
creationtimestamp| type| source ---|---|--- 2016-04-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39735 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/advantechwebaccessdashboardfileupload.rb 2025-02-0...
samba: Spoofing vulnerability when domain controller is configured
It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine...
CVE-2015-8651
creationtimestamp| type| source ---|---|--- 2016-01-06 08:54:29+00:00| seen| MISP/568cd28a-d9b4-4fb9-a5d5-4674950d210f 2016-03-14 15:06:41+00:00| seen| MISP/56e2de34-582c-49f9-8b64-084395ca48b7 2016-07-07 14:45:11+00:00| seen| MISP/577e6af5-875c-4efd-a836-100795ca48b7 2017-01-13 00:48:04+00:00|...
JBOSS found Java deserialization remote command execution vulnerability-vulnerability warning-the black bar safety net
Recently, many articles on the jboss java deserialization vulnerability the article vibe in the network. So in the end is not as long as with jboss will the existence of this vulnerability? And this vulnerability in the end how much? What is deserialization vulnerability? In fact, the java...
Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)
Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office...
CVE-2014-8739
creationtimestamp| type| source ---|---|--- 2015-04-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36811 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wpcreativecontactformfileupload.rb 2025-08-20...
CVE-2015-0941
CVE-2015-0941 : The Inetc plug‑in for NSIS does not validate SSL certificates, enabling MITM attacks that could spoof servers and potentially execute arbitrary code during download of Windows executables. Affected: NSIS Inetc plug‑in (used in FOE and other products). Impact: possible arbitrary co...
CVE-2015-0002
creationtimestamp| type| source ---|---|--- 2015-01-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35661 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ntapphelpcachecontrol.rb 2025-02-06 03:13:42+00:00...
CVE-2014-6034
creationtimestamp| type| source ---|---|--- 2014-10-02 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34867 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/opmanagersocialitfileupload.rb 2025-02-06...
CVE-2013-7409
creationtimestamp| type| source ---|---|--- 2014-03-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32041 2014-03-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32074 2018-05-29 15:50:33+00:00| seen|...
CVE-2012-2125
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...
CVE-2012-2125
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...
CVE-2012-2543
creationtimestamp| type| source ---|---|--- 2013-09-19 14:49:43+00:00| seen| MISP/523b0e26-4208-4c6c-aadc-03ebac1d4fa4 2025-08-31 03:13:09+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...
[SECURITY] Fedora 18 Update: kblackbox-4.10.5-1.fc18
KBlackBox is a game of hide and seek played on a grid of boxes. The computer has hidden several balls within this box. By shooting beams into the box and observing where they emerge it is possible to deduce the positions of the hidden balls. The fewer beams you use and the quicker you are to find...
CVE-2013-3248
creationtimestamp| type| source ---|---|--- 2013-07-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/26805 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/corelpdffusionbof.rb 2025-02-06 03:13:41+00:0...
CVE-2013-1493
creationtimestamp| type| source ---|---|--- 2013-03-29 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24904 2013-09-23 10:00:35+00:00| seen| MISP/523c662f-2958-4aaf-a65e-4005950d2109 2014-02-27 09:03:19+00:00| seen| MISP/530efe60-c084-4934-b3db-6e9aac1d4fa4 2014-05-24...
CVE-2012-4969
creationtimestamp| type| source ---|---|--- 2012-10-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/21840 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ieexeccommanduaf.rb 2020-10-09 16:56:09+00:00|...
Scientific Linux Security Update : tzdata on SL3.x, SL4.x, SL5.x i386/x86_64
This update addresses several changes in Daylight Savings Time DST observation including the following : - on February 17th 2010, it was announced that Paraguay would extend its 2010 DST observance to Sunday, 11th April 2010. It had been scheduled to end on Sunday, 14th March 2010. The same...
CVE-2012-2125
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...
CVE-2008-1602
creationtimestamp| type| source ---|---|--- 2012-02-23 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18515 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/orbitdownloadfailedbof.rb 2025-02-06...