Lucene search

2294 matches found

Exploit DB
added 2013/10/08 12:0 a.m., 524 views

davfs2 1.4.6/1.4.7 - Local Privilege Escalation

davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034. Basically the program "mount.davfs"...

7.4 AI score
Exploits 0
Tenable Nessus
added 2013/10/06 12:0 a.m., 18 views

GLSA-201310-02 : isync: Man-in-the-Middle attack

The remote host is affected by the vulnerability described in GLSA-201310-02 isync: Man-in-the-Middle attack isync does not properly verify the servers hostname against the CN field in the SSL certificate. Impact : A remote server could perform man-in-the-middle attacks to disclose passwords or...

4.3 CVSS, 5.5 AI score, 0.01326 EPSS
Exploits 0, References 2
ThreatPost
added 2013/08/07 2:7 p.m., 17 views

Google WebLogin Tokens Expose Google Apps, User Data

An exposure in the way Google handles authentication is an illustration of the unintended consequences of trading security for a little bit of convenience. Craig Young, a researcher from security company Tripwire, demonstrated at Def Con over the weekend how an Android single sign-on token known ...

7.4 AI score
Exploits 0, References 2
ThreatPost
added 2013/08/07 12:53 p.m., 15 views

Tor Users Should Leave Insecure Windows Operating System

In a critical security advisory issued over the weekend, the Tor Project told its users that they should seriously consider migrating away from Microsoft’s Windows operating system and disabling JavaScript. The Tor Project security advisory was a response to revelations on Sunday that an attack h...

1.5 AI score
Exploits 0, References 3
The Hacker News
added 2013/07/11 5:4 p.m., 5 views

Malicious Pinterest browser plugin stealing passwords and spreading spam

Social networking sites are unfortunately now major interest to malicious cyber criminals, spreading malware and building botnet army to steal money direct from your keyboards. Janne Ahlberg, a security professional from Finland found and analysed an interesting piece of malicious code, offered a...

6.7 AI score
Exploits 0
The Hacker News
added 2013/07/01 5:34 a.m., 28 views

Android based hacking tool to steal passwords from connected computers

A recently discovered new form of Android malware called USB Cleaver can not only infect your smartphone, but also targets your PC to steal sensitive information from it. A hacking tool discovered by analysts at F-Secure, which is capable of stealing information from a connected Windows machine...

6.5 AI score
Exploits 0
w3af
added 2013/06/10 11:2 p.m., 216 views

frontpage

This plugin audits the frontpage extension configuration by trying to upload a file to the remote server using the author.dll script provided by FrontPage. Plugin type Audit Options Name | Type | Default Value | Description | Help ---|---|---|---|--- stopOnFirst | boolean | True | Stop on the fir...

7.4 AI score
Exploits 0
The Hacker News
added 2013/06/02 4:46 a.m., 28 views

KRBanker Malware Targeting Korean Financial Institutions

A recently discovered piece of malware called KRBanker (Korea + Banker = KRBanker), targeting mostly online end-users at Korean financial institutions. According to nProtect, now an invasive banking Trojan, the new and improved KRBanker can block anti-virus software, security websites and even oth...

7 AI score
Exploits 0
Tenable Nessus
added 2013/05/17 12:0 a.m., 24 views

Mutiny < 5.0-1.11 Multiple Directory Traversals

The remote server hosts a version of Mutiny prior to 5.0-1.11. It is, therefore, reportedly affected by multiple directory traversal vulnerabilities that could allow an authenticated attacker to upload, delete, and move files on the remote system with root privileges. The functions for UPLOAD,...

8.5 CVSS, 5.5 AI score, 0.40338 EPSS
Exploits 8, References 2
The Hacker News
added 2013/03/20 4:27 p.m., 6 views

New Mac OS X adware Trojan spreading via browser plugin

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for...

6.8 AI score
Exploits 0
The Hacker News
added 2013/03/20 5:27 a.m., 11 views

New Mac OS X adware Trojan spreading via browser plugin

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for...

6.8 AI score
Exploits 0
OpenVAS
added 2013/03/13 12:0 a.m., 27 views

Microsoft Office Outlook Information Disclosure Vulnerability (2813682) - Mac OS X

This host is missing an important security update according to Microsoft Bulletin MS13-026. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5 CVSS, 5 AI score, 0.20801 EPSS
Exploits 1, References 3
The Hacker News
added 2013/03/12 8:31 a.m., 14 views

Android SwiftKey Keyboard turned into a Keylogger app

One of the best 3rd party Android Mobile Keyboard called 'SwiftKey' turned into a Keylogger Trojan by an Android developer to show the possible security threat of using pirated cracked apps from non-official App Stores, "anyone pirating Swiftkey is taking a serious risk" developer said to 'T...

7 AI score
Exploits 0
The Hacker News
added 2013/03/11 9:31 p.m., 15 views

Android SwiftKey Keyboard turned into a Keylogger app

One of the best 3rd party Android Mobile Keyboard called 'SwiftKey' turned into a Keylogger Trojan by an Android developer to show the possible security threat of using pirated cracked apps from non-official App Stores, "anyone pirating Swiftkey is taking a serious risk" developer said to 'T...

7 AI score
Exploits 0
Packet Storm
added 2013/03/11 12:0 a.m., 43 views

Privoxy 3.0.20-1 Credential Exposure

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

5.8 CVSS, 7.5 AI score, 0.04632 EPSS
Exploits 2
Cent OS
added 2013/02/27 7:34 p.m., 76 views

dovecot security update

CentOS Errata and Security Advisory CESA-2013:0520 Updated dovecot packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS...

6.5 CVSS, 5.9 AI score, 0.02206 EPSS
Exploits 0, References 7
OpenVAS
added 2013/02/22 12:0 a.m., 34 views

RedHat Update for dovecot RHSA-2013:0520-02

Check for the Version of dovecot OpenVAS Vulnerability Test RedHat Update for dovecot RHSA-2013:0520-02 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.5 CVSS, 5.5 AI score, 0.02206 EPSS
Exploits 0, References 2
RedHat Linux
added 2013/02/20 4:19 p.m., 33 views

Low: Red Hat Security Advisory: dovecot security and bug fix update

Updated dovecot packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

6.5 CVSS, 5.9 AI score, 0.02206 EPSS
Exploits 0, References 4
The Hacker News
added 2013/01/27 1:12 p.m., 11 views

Dissecting a mobile malware

The capillary diffusion of mobile devices, the lack of security systems on these platforms and low level of awareness on principal cyber threats made them a privileged target for cybercrime. We have assisted in the recent year to an explosion of malware designed to hit principal mobile OSs, in a...

7.1 AI score
Exploits 0
The Hacker News
added 2013/01/27 2:12 a.m., 20 views

Dissecting a mobile malware

The capillary diffusion of mobile devices, the lack of security systems on these platforms and low level of awareness on principal cyber threats made them a privileged target for cybercrime. We have assisted in the recent year to an explosion of malware designed to hit principal mobile OSs, in a...

7.1 AI score
Exploits 0