Lucene search

2293 matches found

Gentoo Linux
added 2012/04/17 12:0 a.m. | 25 views

Perl DBD-Pg Module: Arbitrary code execution

Background: DBD-Pg is a PostgreSQL interface module for Perl. Description: Format string vulnerabilities have been found in the "pg_warn" and "dbd_st_prepare" functions in dbdimp.c. Impact: A remote PostgreSQL server could send specially crafted database warnings or DBD statements, possibly resulti...

CVSS 5 | AI score 7.1 | EPSS 0.02744
Exploits 0
The Hacker News
added 2012/04/12 10:52 a.m. | 14 views

Legacy Native Malware in Angry Birds Space to pwn your Android !

Legacy Native Malware in Angry Birds Space to pwn your Android A new malware threatens phones and tablets running Google's OS by hiding inside a copy of the popular game. Researchers at the mobile security firm Lookout identified the reworked malware as Legacy Native LeNa, which poses as a...

AI score 7.1
Exploits 0
Tenable Nessus
added 2012/03/29 12:0 a.m. | 33 views

HP Data Protector DPNECentral Web Service Detection

HP Data Protector DPNECentral Web Service, a component of HP Data Protector for managing backup policies, is hosted on the remote web server. This service is installed with HP Data Protector for PCs, HP Data Protector Notebook Extension, and possibly other HP Data Protector software. C Tenable...

AI score 5.5
Exploits 0 | References 1
Exploit DB
added 2012/03/16 12:0 a.m. | 24 views

Tiny Server 1.1.5 - Arbitrary File Disclosure

!/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 Thanks : exploit-db.com use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print "\n\t\n"; print "\n\t....... Tiny Server v1.1.5...

AI score 7.4
Exploits 0
ThreatPost
added 2012/03/15 2:15 p.m. | 7 views

Android Malware Stealing Online Banking Credentials

Malware that targets Android phones has been on a steady rise for the last couple of years, and much of it has come in the form of compromised apps or outright malicious apps disguised as games or utilities. But now researchers have come across a new Android threat that is designed specifically t...

AI score 0.6
Exploits 0 | References 2
ThreatPost
added 2012/02/22 3:45 p.m. | 94 views

Waves of Attacks Target Adobe Reader Bug From 2010

Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a...

CVSS 9.3 | AI score 0.8 | EPSS 0.88246
Exploits 12 | References 3
Tenable Nessus
added 2012/01/12 12:0 a.m. | 38 views

OpenSSL < 0.9.2b Session Reuse

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.2b. A remote attacker could reuse an SSL session under a different context and bypass access control mechanisms based on client certificates. C Tenable Network Security, Inc. include"compat.inc"; i...

CVSS 7.5 | AI score 5.6 | EPSS 0.03234
Exploits 0 | References 2
Tenable Nessus
added 2012/01/04 12:0 a.m. | 40 views

OpenSSL < 0.9.7m / 0.9.8e Buffer Overflow (deprecated)

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7m or 0.9.8e. A remote attacker could trigger a one-byte buffer overflow. The real impact is unknown. Arbitrary code could be run but no functional exploit was published. This plugin has been...

AI score 0.6 | EPSS 0.16061
Exploits 0 | References 3
Tenable Nessus
added 2012/01/04 12:0 a.m. | 132 views

OpenSSL < 0.9.8p / 1.0.0b Buffer Overflow

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8p / 1.0.0b. If a TLS server is multithreaded and uses the SSL cache, a remote attacker could trigger a buffer overflow and crash the server or run arbitrary code. C Tenable Network Security, Inc...

CVSS 7.6 | AI score 7.9 | EPSS 0.22145
Exploits 0 | References 2
Tenable Nessus
added 2012/01/04 12:0 a.m. | 40 views

OpenSSL < 0.9.8p / 1.0.0e Double Free Vulnerability

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8p / 1.0.0e. A remote attacker could crash client software when using ECDH. The impact of this vulnerability is not clear; arbitrary code could be run too. Note that OpenSSL changelog only reports ...

CVSS 4.3 | AI score 8.4 | EPSS 0.09977
Exploits 0 | References 2
Tenable Nessus
added 2012/01/04 12:0 a.m. | 42 views

OpenSSL < 0.9.8 Weak Default Configuration

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8. The default configuration uses MD5 instead of a stronger hash algorithm. An attacker could forge certificates. If you never generate certificates on this machine, you may ignore this warning. C...

CVSS 7.5 | AI score 8.4 | EPSS 0.00844
Exploits 0 | References 3
Tenable Nessus
added 2012/01/04 12:0 a.m. | 42 views

OpenSSL < 0.9.6b Predictable Random Generator

According to its banner, the remote web server is running a version of OpenSSL that is earlier than 0.9.6b and allows remote attackers to predict the output of the pseudo-random generator. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17745; scriptversion"1.11";...

CVSS 5 | AI score 5.5 | EPSS 0.04988
Exploits 0 | References 1
Tenable Nessus
added 2012/01/04 12:0 a.m. | 50 views

OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities

According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7l or 0.9.8d. As such, it is affected by multiple vulnerabilities : - A remote attacker could trigger a denial of service, either via malformed ASN.1 structures or specially crafted public keys...

CVSS 10 | AI score 8.2 | EPSS 0.48575
Exploits 10 | References 6
Tenable Nessus
added 2012/01/04 12:0 a.m. | 38 views

OpenSSL 1.0.0 < 1.0.0-beta2 DoS

According to its banner, the remote server is running a version of OpenSSL 1.0.0 prior to 1.0.0 beta 2. A remote attacker can crash the server by sending an out-of-sequence DTLS handshake message. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17768;...

CVSS 5 | AI score 7 | EPSS 0.18241
Exploits 3 | References 5
Exploit DB
added 2011/12/21 12:0 a.m. | 78 views

Plone and Zope - Remote Command Execution

Exploit Title: Plone - Remote Command Execution Date: 12/21/2011 Author: Nick Miles www.npenetrable.com Tested on: 12/21/2011 CVE : CVE-2011-3587 Versions Affected without hotfix: Plone 4.0 through 4.0.9; Plone 4.1; Plone 4.2 a1 and a2; Zope 2.12.x and Zope 2.13.x. Versions Not Affected: Versions...

CVSS 9.3 | AI score 6.4 | EPSS 0.78546
Exploits 15
Metasploit
added 2011/12/20 4:6 p.m. | 41 views

TFTP File Transfer Utility

This module will transfer a file to or from a remote TFTP server. Note that the target must be able to connect back to the Metasploit system, and NAT traversal for TFTP is often unsupported. Two actions are supported: "Upload" and "Download," which behave as one might expect -- use 'set action...

AI score 7.3
Exploits 0
exploitpack
added 2011/12/16 12:0 a.m. | 16 views

mPDF 5.3 - File Disclosure

mPDF 5.3 - File Disclosure Exploit Title: mPDF 1; use c...

AI score 7.4
Exploits 0
CVE
added 2011/12/08 8:0 p.m. | 88 views

CVE-2011-4128

CVE-2011-4128 affects GnuTLS: a buffer overflow in gnutls_session_get_data in lib/gnutls_session.c can be triggered when a client uses nonstandard session resumption. A remote TLS server can cause an application crash (DoS) by sending a large SessionTicket. Affected are GnuTLS 2.12.x prior to 2.1...

CVSS 4.3 | AI score 8.1 | EPSS 0.02386
Exploits 0 | References 15 | Affected Software 1
exploitpack
added 2011/11/28 12:0 a.m. | 37 views

Google Android - content: URI Multiple Information Disclosure Vulnerabilities

Google Android - content: URI Multiple Information Disclosure Vulnerabilities Android Data Stealing Web PageClick: Malicious Link"; // Stage 1: Redirect to Stage 2 which will force a download of the HTML/...

CVSS 4.3 | AI score 0.1 | EPSS 0.26952
Exploits 8
ThreatPost
added 2011/11/15 6:44 p.m. | 8 views

Researchers Crack Siri Protocol

Researchers cracked the pride of Apple’s latest iPhone iteration yesterday, reverse-engineering the language processing, interactive personal assistant application called Siri. On their blog, the researchers from Applidium posted a demo and directions that will allow users to install and use the...

AI score 0.1
Exploits 0 | References 1