Lucene search
K

2766 matches found

Packet Storm
Packet Storm
added 2016/09/12 12:0 a.m.39 views

Exper EWM-01 ADSL/MODEM Unauthenticated Remote DNS Changer

!/bin/bash Exper EWM-01 ADSL/MODEM Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once modified,...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/09 12:0 a.m.112 views

Adobe ColdFusion < 11 Update 10 - XML external entity injection

Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - APSB16-30 - Release date: 31.08.2016 I. VULNERABILITY Adobe ColdFusion = 11 XML External Entity XXE Injection II. BACKGROUND "Adobe ColdFusion 11 Enterprise Edition offers a single platform to rapidly build and...

6.4CVSS9.3AI score0.69044EPSS
Exploits7
CNVD
CNVD
added 2016/09/01 12:0 a.m.17 views

Cisco WebEx Meetings Player Denial of Service Vulnerability

Cisco WebEx Meetings are web conferencing solutions. A security vulnerability exists in Cisco WebEx Meetings Player due to the program not properly validating user-supplied files. Exploitation of this vulnerability by an unauthenticated remote user could cause WebEx Meetings Player to crash...

5.5CVSS7AI score0.05607EPSS
Exploits3References1
CNVD
CNVD
added 2016/08/25 12:0 a.m.2 views

Authentication Vulnerability in Range Networks OpenBTS/OpenBTS-UMTS

Range Networks OpenBTS/OpenBTS-UMTS is software for analog protocol stacks for GSM networks. An authentication vulnerability exists in Range Networks OpenBTS/OpenBTS-UMTS. An unauthenticated, remote attacker could exploit the vulnerability to execute commands in the transceiver module of the BTS...

7.5AI score
Exploits0References1
exploitpack
exploitpack
added 2016/08/16 12:0 a.m.25 views

Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities

Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities , , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nagios Network Analyzer Multiple Vulnerabilities Affected versions: Nagios Network Analyzer =...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/08/13 12:0 a.m.30 views

Nagios Network Analyzer 2.2.0 Command Injection / SQL Injection

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nagios Network Analyzer Multiple Vulnerabilities Affected versions: Nagios Network Analyzer = 2.2.0 PDF:...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2016/08/10 12:0 a.m.95 views

vBulletin 5.2.2 - Server-Side Request Forgery

vBulletin 5.2.2 - Server-Side Request Forgery ''' ============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-6483 - Release date: 05.08.2016 - Severity: High ============================================= I...

5CVSS1AI score0.11945EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2016/07/12 12:0 a.m.53 views

MS16-085: Cumulative Security Update for Microsoft Edge (3169999)

The version of Microsoft Edge installed on the remote Windows host is missing Cumulative Security Update 3169999. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists due to a failure to properly implement Address Space Layout Randomization ASL...

9.3CVSS7.3AI score0.36361EPSS
Exploits0References14
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/06/20 7:36 a.m.59 views

Apache Struts vulnerable to denial-of-service (DoS)

Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain a denial-of-service DoS vulnerability due to an issue in URLValidator. ASAI Ken reported this...

5.3CVSS6.8AI score0.10638EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/06/20 12:0 a.m.66 views

JVN#07710476: Apache Struts 2 vulnerable to remote code execution

Apache Struts 2 provided by the Apache Software Foundation is a software framework for creating Java web applications. Web applications that are developed using Apache Struts 2 REST Plugin contain a remote code execution vulnerability. Note that the exploit code for this vulnerability is publicly...

9.8CVSS9.8AI score0.17171EPSS
Exploits2
CNVD
CNVD
added 2016/05/06 12:0 a.m.6 views

Cisco FirePOWER System Software Denial of Service Vulnerability

Cisco Firepower is a family of advanced firewalls. A security vulnerability exists in the packet processing functionality of the Cisco FirePOWER System Software. An unauthenticated, remote attacker could cause a denial of service on the affected device...

7.8CVSS6.8AI score0.01649EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/06 12:0 a.m.5 views

Cisco FirePOWER System Software Kernel Logging Configuration Denial of Service Vulnerability

Cisco Firepower is a family of advanced firewalls. A security vulnerability exists in the kernel logging configuration of the Cisco FirePOWER System Software.ASA 5585-X FirePOWER SSP module is affected by this vulnerability. An unauthenticated remote attacker could cause a denial of service on th...

7.8CVSS6.9AI score0.01931EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/05/02 1:11 p.m.7 views

OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)

It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger...

10CVSS7.3AI score0.92334EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2016/04/26 12:0 a.m.26 views

Gemtek CPE7000 WLTCS-106 Administrator SID Retriever

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever', 'Description' = %q A vulnerability exists for Gemtek CPE7000 model ID...

0.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2016/04/12 12:0 a.m.25 views

Ecava IntegraXor Report summary SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of summary report requests. The vulnerability is caused by the lack of input...

7.5CVSS3.4AI score0.01425EPSS
Exploits0References2
CNVD
CNVD
added 2016/04/07 12:0 a.m.4 views

Cisco TelePresence Server Denial of Service Vulnerability

Cisco TelePresence is a Cisco TelePresence solution. Cisco TelePresence Server version 3.1 fails to properly handle malformed STUN packets, which can allow an unauthenticated remote attacker to cause the affected device to reload...

7.8CVSS7AI score0.01931EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/03/16 12:0 a.m.12 views

Php Utility Belt Multiple Vulnerabilities

Php Utility Belt is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phputilitybelt:php";...

7.3AI score
Exploits0References2
CERT
CERT
added 2016/02/29 12:0 a.m.40 views

IKE/IKEv2 protocol implementations may allow network amplification attacks

Overview Implementations of the IKEv2 protocol are vulnerable to network amplification attacks. Description CWE-406: Insufficient Control of Network Message Volume Network Amplification IKE/IKEv2 and other UDP-based protocols can be used to amplify denial-of-service attacks. In some scenarios, an...

7.8CVSS7.4AI score0.03151EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/02/12 12:0 a.m.17 views

Cisco ASA < 9.5(2.2) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)

Binary data 801954.prm...

10CVSS7.3AI score0.77462EPSS
Exploits4References6
CERT
CERT
added 2016/01/12 12:0 a.m.55 views

Samsung SRN-1670D camera contains multiple vulnerabilities

Overview The Samsung SRN-1670D camera contains multiple vulnerabilities. Description CWE-264: Permissions, Privileges, and Access Controls - CVE-2015-8279 An undocumented PHP request may be used to read arbitrary files from the system. CWE-200: Information Exposure - CVE-2015-8280 The interface...

8.6CVSS8AI score0.51379EPSS
Exploits5References1
Rows per page
Query Builder