Lucene search
K

2294 matches found

FireEye
FireEye
added 2016/07/27 10:0 a.m.17 views

Red Team Tool Roundup

In many cases Red Team tools are not written because someone feels like writing a tool, or wakes up one morning thinking, “I want to write a tool today”. Red Teamers generally identify tedious tasks in their methodology and then create tools that automate these tasks for current and future...

0.8AI score
Exploits0
CVE
CVE
added 2016/06/10 3:0 p.m.218 views

CVE-2016-4429

CVE-2016-4429: In glibc, a stack-based buffer overflow in sunrpc/clnt_udp.c:clntudp_call can be triggered by a flood of crafted ICMP/UDP packets, enabling a remote attacker to cause a denial of service (crash) and possibly other impact. Connected docs confirm the issue as a buffer overflow in the...

5.9CVSS6.8AI score0.03922EPSS
Exploits0References11Affected Software2
myhack58
myhack58
added 2016/06/09 12:0 a.m.33 views

CVE-2 0 1 6-2 5 6 3 vulnerability analysis and exploit-vulnerability warning-the black bar safety net

0x01 vulnerability description Using putty's pscp components can achieve the Windows and theLinux serverbetween the remote copy of the file. Recently 3 to on 7, broke the pscp in the presence of a buffer overflow vulnerability, when from the server-side copy of the file, the pscp client the sscan...

0.34216EPSS
Exploits4
CNVD
CNVD
added 2016/05/14 12:0 a.m.1 views

File Replication Pro Information Disclosure Vulnerability

File Replication Pro is a file management solution for backing up, copying files from different network nodes. An information disclosure vulnerability exists in File Replication Pro version 7.2.0 and earlier. As File Replication Pro allows a malicious user to access arbitrary files on a remote...

6.6AI score
Exploits0References1
CVE
CVE
added 2016/05/10 7:0 p.m.126 views

CVE-2016-4555

CVE-2016-4555 affects Squid 3.x (before 3.5.18) and 4.x (before 4.0.10); DoS/crash via crafted Edge Side Includes (ESI) responses due to incorrect pointer handling and ref-counting. Connected advisories indicate fixes in Squid 3.4.8-6+deb8u3 and 3.5.19-1 (Debian), CentOS/RHSA advisories, and Fedo...

7.5CVSS7.5AI score0.5392EPSS
Exploits1References16Affected Software1
CNVD
CNVD
added 2016/05/07 12:0 a.m.2 views

Libpam-sshauth Local Privilege Vulnerability

libpam-sshauth is a PAM module that can be used to authenticate users on a local computer by connecting to a remote server via ssh. A programming error in libpam-sshauth allows local attackers to exploit this vulnerability to gain root privileges...

10CVSS7AI score0.01803EPSS
Exploits0References1
Fedora
Fedora
added 2016/05/04 6:54 p.m.8 views

[SECURITY] Fedora 23 Update: obs-signd-2.2.1-8.fc23

The OpenSUSE Build Service sign client and daemon. This daemon can be used to sign anything via gpg by communicating with a remote server to avoid the need to host the private key on the same server...

2.4AI score
Exploits0
OSV
OSV
added 2016/05/02 10:59 a.m.2 views

DEBIAN-CVE-2015-8746

fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...

7.5CVSS7.2AI score0.03044EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/04/21 12:0 a.m.22 views

NetIQ Sentinel Detection

Detection of NetIQ Sentinel The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/04/19 12:0 a.m.6 views

The vulnerability of the operating system for Clustered Data ONTAP storage systems allows a attacker to obtain confidential information or replace servers.

The vulnerability of the Clustered Data ONTAP operating system exists due to the lack of verification of X.509 certificate checks for the TLS server. Exploiting this vulnerability allows a malicious actor to replace the server remotely or obtain confidential information using a specially crafted...

5.8CVSS6.7AI score0.00584EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/04/12 2:59 p.m.7 views

CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS8.2AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2016/04/12 2:59 p.m.14 views

CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS7.2AI score0.02282EPSS
Exploits1References3
OSV
OSV
added 2016/04/11 3:59 p.m.10 views

CVE-2012-6700

The decodesearch function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response...

7.5CVSS7.2AI score
Exploits0References5
OSV
OSV
added 2016/04/11 3:59 p.m.10 views

CVE-2012-6699

The decodesearch function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service out-of-bounds read via a crafted response...

7.5CVSS7.2AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/04/08 12:0 a.m.30 views

Drupal 7.x < 7.38 Multiple Vulnerabilities

Binary data 9217.prm...

5.8CVSS6.4AI score0.02763EPSS
Exploits0References7
myhack58
myhack58
added 2016/04/08 12:0 a.m.14 views

Secret of how to use Python black off intelligent boiler-vulnerability warning-the black bar safety net

! Citation Last year I bought a new condensing boilerhome heating, so consider the above there must be a“smart thermostat”, and select also many, including Google, Nest, Hive, the British Gas Company design and Worcester·Bosch‘Wave’of. But in the end chose the latter. ! Finally it is installed in...

7.1AI score
Exploits0
0day.today
0day.today
added 2016/04/01 12:0 a.m.38 views

Adobe Flash - URLStream.readObject Use-After-Free

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=611 There is a use-after-free in URLStream.readObject. If the object read is a registered class, the constructor will get invoked to create the object. If the constructor calls...

10CVSS8.9AI score0.31634EPSS
Exploits1
Debian
Debian
added 2016/03/20 6:36 p.m.85 views

[SECURITY] [DSA 3522-1] squid3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3522-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2016 https://www.debian.org/security/faq -...

7.5CVSS7.6AI score0.09288EPSS
Exploits0
OSV
OSV
added 2016/03/20 12:0 a.m.27 views

DSA-3522-1 squid3 - security update

Bulletin has no description...

7.5CVSS7.5AI score0.09288EPSS
Exploits0
OSV
OSV
added 2016/02/27 5:59 a.m.8 views

CVE-2016-2569

Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service assertion failure and daemon exit via a long string, as demonstrated by a crafted HTTP Vary header...

7.5CVSS7.4AI score
Exploits0References11
Rows per page
Query Builder