Lucene search
K

153 matches found

Packet Storm
Packet Storm
added 2019/04/28 12:0 a.m.53 views

SGI IRIX 6.4.x Run-Time Linker Arbitrary File Creation

!/bin/sh SGI IRIX /etc/passwd" /tmp/.x.sh chmod 755 /tmp/.x.sh RLDARGS="-log /.cshrc |/tmp/.x.sh" /sbin/su last -3 root echo " waiting 5mins for root to login..." sleep 300 su - w00t...

0.9AI score
Exploits0
NVD
NVD
added 2018/12/20 5:29 p.m.22 views

CVE-2018-1000880

libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards release v3.2.0 onwards contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archivereadsupportformatwarc.c, warcread that can result in DoS - quasi-infinite run time and disk usage from ti...

6.5CVSS7.2AI score0.04056EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2018/10/12 9:3 a.m.2 views

Google Adds Control-Flow Integrity to Beef up Android Kernel Security

Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruptio...

8.2AI score
Exploits0
Fedora
Fedora
added 2018/10/09 12:8 a.m.36 views

[SECURITY] Fedora 29 Update: nekovm-2.2.0-8.fc29

Neko is a high-level dynamically typed programming language which can also be used as an embedded scripting language. It has been designed to provide a common run-time for several different languages. Neko is not only very easy to learn and use, but also has the flexibility of being able to exten...

5.9CVSS0.6AI score0.02674EPSS
Exploits0
Kitploit
Kitploit
added 2018/05/05 1:12 p.m.30 views

SpookFlare v2.0 - Loader, Dropper Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has...

7.8AI score
Exploits0References6
n0where
n0where
added 2018/05/02 4:46 a.m.24 views

Meterpreter Loader Generator: SpookFlare

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has...

0.3AI score
Exploits0References1
Fedora
Fedora
added 2018/04/25 6:16 p.m.43 views

[SECURITY] Fedora 26 Update: perl-5.24.4-397.fc26

Perl is a high-level programming language with roots in C, sed, awk and she ll scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

9.8CVSS0.3AI score0.10866EPSS
Exploits0
Packet Storm
Packet Storm
added 2017/04/14 12:0 a.m.50 views

PonyOS 4.0 fluttershy LD_LIBRARY_PATH Privilege Escalation

!/usr/bin/python PonyOS 4.0 has added several improvements over previous releases including support for setuid binaries and dynamic libraries. The run-time linker does not sanitize environment variables when running setuid files allowing for local root exploitation through manipulated...

0.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.21 views

MS12-013: Vulnerability in C Run-Time Library could allow remote code execution: February 14, 2012

MS12-013: Vulnerability in C Run-Time Library could allow remote code execution: February 14, 2012 INTRODUCTION Microsoft has released security bulletin MS12-013. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...

7.2AI score
Exploits0
Fedora
Fedora
added 2016/08/08 8:34 p.m.41 views

[SECURITY] Fedora 24 Update: perl-Module-Load-Conditional-0.68-1.fc24

This module provides simple ways to query and possibly load any of the modu les you have installed on your system during run-time...

7.8CVSS2AI score0.00779EPSS
Exploits0
CNVD
CNVD
added 2016/04/14 12:0 a.m.6 views

Microsoft Windows Client-Server Run-time Subsystem Security Bypass Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A security bypass vulnerability exists in the Client Server Runtime Subsystem CSRSS of Microsoft Windows, which arises from a program's failure to properly manage process tokens in memory. A local...

7.8CVSS7AI score0.63195EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2016/04/12 12:0 a.m.124 views

MS16-048: Security Update for CSRSS (3148528)

The remote Windows host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability in the Client-Server Run-time Subsystem CSRSS due to improper management of process tokens in memory. A local attacker can exploit this vulnerability, via a specially crafte...

7.8CVSS8.3AI score0.63195EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2013/04/10 12:0 a.m.31 views

MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2820917)

The Windows Client/Server Run-time Subsystem CSRSS on the remote host has a privilege escalation vulnerability due to an improper handling of objects in memory. An attacker who successfully exploits this vulnerability can execute arbitrary code in the context of the local system. The attacker cou...

7.2CVSS6.1AI score0.02239EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/13 12:0 a.m.26 views

MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)

This host is missing an important security update according to Microsoft Bulletin MS13-019. OpenVAS Vulnerability Test $Id: secpodms13-019.nasl 5346 2017-02-19 08:43:11Z cfi $ MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2790113 Authors: Antu Sanadi Copyright:...

7.2CVSS1AI score0.01791EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/02/13 12:0 a.m.23 views

Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)

This host is missing an important security update according to Microsoft Bulletin MS13-019. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS5AI score0.01791EPSS
Exploits0References4
Nmap
Nmap
added 2012/07/16 7:27 p.m.952 views

http-slowloris NSE Script

Tests a web server for vulnerability to the Slowloris DoS attack by launching a Slowloris attack. Slowloris was described at Defcon 17 by RSnake see . This script opens and maintains numerous 'half-HTTP' connections until the server runs out of resources, leading to a denial of service. When a...

10CVSS0.99448EPSS
Exploits33
The Hacker News
The Hacker News
added 2012/02/22 12:23 p.m.10 views

Apache 2.4 Comes Out, Major update after 6 years

Apache 2.4 Comes Out, Major update after 6 years The Apache Software Foundation officially released the Apache 2.4 today as the first major update to this leading open-source web-server in more than a half-decade. Apache 2.4 is slated to deliver superior performance to its 2.2 predecessor and...

6.7AI score
Exploits0
OpenVAS
OpenVAS
added 2012/02/15 12:0 a.m.27 views

Microsoft Windows C Run-Time Library Remote Code Execution Vulnerability (2654428)

This host is missing a critical security update according to Microsoft Bulletin MS12-013. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.24272EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2012/01/08 5:55 p.m.33 views

CVE-2011-5057

Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an...

5CVSS7.2AI score0.28628EPSS
Exploits0References2
Prion
Prion
added 2012/01/08 5:55 p.m.20 views

Design/Logic Flaw

Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an...

5CVSS7AI score0.28628EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder