CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

HackRead•added 2018/04/10 5:40 p.m.•39 views

Students fell prey to phishing attacks conducted by their universities

By Waqas Universities Educating Students on Cybersecurity by Simulating Fake Phishing Attacks. This is a post from HackRead.com Read the original post: Students fell prey to phishing attacks conducted by their universities...

3.4AI score

n0where•added 2018/03/13 7:51 p.m.•81 views

Information Security Preparedness Tool: Metta

Metta is an open-source information security preparedness tool for adversarial simulation. As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating components of targeted attacks in order to test both an organization’s...

1AI score

Exploits0References3

CNVD•added 2018/01/02 12:0 a.m.•2 views

Linux Kernel Denial of Service Vulnerability (CNVD-2018-02199)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'einjerrorinject' function in the drivers/acpi/apei/einj.c file in the Linux kernel. A local attacker could exploit this...

5.5CVSS6AI score0.00055EPSS

FireEye•added 2017/10/23 3:15 p.m.•11 views

New FakeNet-NG Feature: Content-Based Protocol Detection

I Matthew Haigh recently contributed to FLARE’s FakeNet-NG network simulator by adding content-based protocol detection and configuration. This feature is useful for analyzing malware that uses a protocol over a non-standard port; for example, HTTP over port 81. The new feature also detects and...

6.4AI score

FireEye•added 2017/10/23 11:15 a.m.•492 views

New FakeNet-NG Feature: Content-Based Protocol Detection

0.1AI score

CVE•added 2017/10/17 2:0 p.m.•35 views

CVE-2014-9733

CVE-2014-9733 concerns nw.js. The connected documents indicate that NW.js before 0.11.5 can simulate user input events within a normal frame, enabling a remote attacker to cause an unknown impact via unknown vectors. The CNVD entry explicitly notes a vulnerability in nw.js prior to 0.11.5 and men...

9.8CVSS9.5AI score0.00691EPSS

Exploits0References1Affected Software1

Openbugbounty•added 2017/09/19 9:53 p.m.•9 views

marketplace-simulation.com XSS vulnerability

Vulnerable URL: http://www.marketplace-simulation.com/?utmsource=marketplace-livemedium=301campaign=Brochure%20Referral%27%3E%3Csvg%20onload=alert%22OPENBUGBOUNTY%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.12.2017 Vulnerability type:| XSS Vulnerability...

6.3AI score

Packet Storm•added 2017/09/14 12:0 a.m.•40 views

Sielco Sistemi Winlog 2.07.16 Buffer Overflow

require 'msf/core' class MetasploitModule 'Sielco Sistemi Winlog %q This module exploits a stack based buffer overflow found in Sielco Sistemi Winlog 'James Fitts' , 'License' = MSFLICENSE, 'Version' = '$Revision: $', 'References' = , 'Privileged' = true, 'DefaultOptions' = 'EXITFUNC' = 'thread',...

1.3AI score

n0where•added 2017/08/16 5:44 a.m.•76 views

Encrypted, Anti-Replay, Multiplexed Udp Tunnel: Udp2raw-tunnel

A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls or Unstable UDP Environment. Its Encrpyted, Anti-Replay and Multiplexed. It also acts as a Connection Stabilizer. Features Send / Receive UDP Packet with fake-tcp/icmp headers...

7.4AI score

Kitploit•added 2017/07/19 2:30 p.m.•379 views

GPS-SDR-SIM - Software-Defined GPS Signal Simulator

GPS-SDR-SIM generates GPS baseband signal data streams, which can be converted to RF using software-defined radio SDR platforms, such as bladeRF, HackRF, and USRP. Windows build instructions 1. Start Visual Studio. 2. Create an empty project for a console application. 3. On the Solution Explorer ...

7.4AI score

Exploits0References3

n0where•added 2017/05/31 11:31 p.m.•14 views

SIP-Based DoS Attack Simulator: SIP-DAS

SIP-DAS DoS Attack Simulator is a tool developed to simulate SIP-based DoS attacks. It has been developed to be used in academic work to help developing novel SIP-based DDoS attacks and defense approaches in original. SIP-DAS was originally written in Java, but it has been rewritten using Python,...

0.1AI score

MSRC•added 2017/04/03 7:0 a.m.•12 views

Advanced Threat Analytics プレイブックを使って攻撃をシミュレーションし検出する方法

本記事は、Microsoft Advanced Threat Analytics Team のブログ “How to simulate and detect attacks with the Advanced Threat Analytics Playbook” 2017 年 2 月 23...

2.2AI score

BDU FSTEC•added 2017/03/31 12:0 a.m.•0 views

The vulnerability of the microprogramming software of the Cisco TelePresence Server allows a hacker to simulate the endpoints of the server.

The vulnerability of the Privilege software interface of the Cisco TelePresence Server control device’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to simulate the behavior of the server’s endpoints remotely...

5CVSS5.9AI score0.0013EPSS

Exploits0References3Affected Software1

n0where•added 2017/02/07 5:8 a.m.•30 views

Reverse Engineering Communication Protocols: Netzob

Reverse Engineering Communication Protocols Netzob is an open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. It allows to infer the message format and the state machine of a protocol through passive and active processes. The model can afterward be...

1.7AI score

OSV•added 2016/12/25 7:59 a.m.•3 views

CVE-2016-10041

An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and authorized as...

7.5CVSS5.9AI score0.00474EPSS

NVD•added 2016/12/25 7:59 a.m.•12 views

CVE-2016-10041

7.5CVSS7.7AI score0.00474EPSS

Cvelist•added 2016/12/25 6:50 a.m.•16 views

CVE-2016-10041

7.7AI score0.00474EPSS