Lucene search
K

812 matches found

CVE
CVE
added 2017/08/17 8:0 p.m.40 views

CVE-2017-6784

The CVE-2017-6784 issue affects Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers. The vulnerability arises in the web interface where sensitive data can be exposed in HTTP responses due to Cisco WebEx Meetings not adequately protecting data when replying to web requests. An unauthentic...

5.3CVSS5.2AI score0.01702EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/08/17 8:0 p.m.11 views

CVE-2017-6784

A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to Cisco...

5.3AI score0.01702EPSS
Exploits0References3
Cisco
Cisco
added 2017/08/16 4:0 p.m.27 views

Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers Information Disclosure Vulnerability

A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to Cisco...

5.3CVSS5.2AI score0.01702EPSS
Exploits0References1
Prion
Prion
added 2017/08/07 6:29 a.m.15 views

Spoofing

A vulnerability in the web interface of the Cisco Adaptive Security Appliance ASA 9.33 and 9.62 could allow an unauthenticated, remote attacker to determine valid usernames. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to the...

5CVSS7.4AI score0.02234EPSS
Exploits0References4Affected Software1
Kitploit
Kitploit
added 2017/07/27 3:12 p.m.46 views

SimplyEmail - Email Recon Made Fast And Easy

This tool was based on the work of theHarvester and kind of a port of the functionality. This was just an expansion of what was used to build theHarvester and will incorporate his work but allow users to easily build Modules for the Framework. MAJOR CALLOUTS: @laramies - Developer of theHarvester...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2017/07/16 2:12 p.m.26 views

CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases. 1. Misconfigured DNS scan usin...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2017/07/05 2:56 p.m.15 views

Threat Actors Target Chinese Language News Sites

A California-based news website covering China, called China Digital Times, was targeted in a spying campaign that involved phishing lures and the use of the NetWire remote access Trojan. The attacks began in February 2017 and were part of a wider campaign of phishing, reconnaissance and malware...

0.1AI score
Exploits0References1
Kitploit
Kitploit
added 2017/07/03 3:30 p.m.19 views

AQUATONE - A Tool for Domain Flyovers

AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for common web ports and...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2017/06/29 3:10 p.m.13 views

Gitrob - Reconnaissance Tool for GitHub Organizations

Gitrob is a command line tool which can help organizations and security professionals find sensitive information lingering in publicly available files on GitHub. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files th...

7.2AI score
Exploits0References4
n0where
n0where
added 2017/06/19 4:46 a.m.31 views

DNS Reconnaissance: AQUATONE

DNS Reconnaissance AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for...

6.9AI score
Exploits0References1
OSV
OSV
added 2017/06/13 6:29 a.m.2 views

CVE-2017-6673

A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More Information: CSCvc10894. Known Affected Releases: 6.1.0.2 6.2.0. Known Fixed Releases: 6.2.0...

6.5CVSS5.8AI score0.01449EPSS
Exploits0References1
Prion
Prion
added 2017/06/13 6:29 a.m.23 views

Design/Logic Flaw

A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More Information: CSCvc10894. Known Affected Releases: 6.1.0.2 6.2.0. Known Fixed Releases: 6.2.0...

4CVSS6.2AI score0.01449EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/06/13 6:0 a.m.30 views

CVE-2017-6673

A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More Information: CSCvc10894. Known Affected Releases: 6.1.0.2 6.2.0. Known Fixed Releases: 6.2.0...

6.3AI score0.01449EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/06/08 12:0 a.m.18 views

Cisco Firepower Management Center Information Disclosure Vulnerability

A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced...

6.5CVSS6.3AI score0.01449EPSS
Exploits0References1
myhack58
myhack58
added 2017/06/06 12:0 a.m.132 views

How to pass the command injection vulnerability fix Yahoo subsidiary production servers-vulnerability warning-the black bar safety net

One, Foreword Time to get back to 5 May 20, the night before that, I spent several days time to study the Yahoo Messenger app, still can't figure out how it works, but annoying headache and neck pain and looking for me. So I decided to go for a walk, find a new target. Then I noticed a very...

10CVSS7.7AI score0.97485EPSS
Exploits11
NVD
NVD
added 2017/05/22 1:29 a.m.13 views

CVE-2017-6643

A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Directory information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensiti...

5.3CVSS5.3AI score0.02663EPSS
Exploits0References2
Prion
Prion
added 2017/05/22 1:29 a.m.13 views

Design/Logic Flaw

A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Order information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when...

5CVSS5.2AI score0.02663EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/05/22 1:29 a.m.10 views

Design/Logic Flaw

A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when...

5CVSS5.2AI score0.02663EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/05/22 1:29 a.m.15 views

Design/Logic Flaw

A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Temporary File information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive...

5CVSS5.2AI score0.02663EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/05/22 1:29 a.m.18 views

Design/Logic Flaw

A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when...

5CVSS5.2AI score0.02663EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder