Lucene search
K

102 matches found

Tenable Nessus
Tenable Nessus
added 2020/04/29 12:0 a.m.12 views

Microsoft SharePoint Server 2019 build < 16.0.10352.20000 Multiple Vulnerabilities

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint...

6.5CVSS6.7AI score0.08357EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/04/29 12:0 a.m.17 views

Microsoft SharePoint Server 2013 build < 15.0.5153.1000 Multiple Vulnerabilities

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities : - An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of...

7.5CVSS7.2AI score0.06024EPSS
Exploits0References4
Kitploit
Kitploit
added 2020/02/05 8:30 p.m.100 views

Jaeles v0.4 - The Swiss Army Knife For Automated Web Application Testing

Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download precompiled version here. If you have a Go environment, make sure you have Go = 1.13 with Go Modules enable and run the following command. GO111MODULE=...

6.5CVSS6.7AI score0.94453EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2020/01/02 12:0 a.m.33 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : nss-softokn Vulnerability (NS-SA-2019-0262)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss-softokn packages installed that are affected by a vulnerability: - Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used...

7.5CVSS8.2AI score0.02794EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/11 12:0 a.m.29 views

Wireshark 2.6.x < 2.6.13 A Vulnerability (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.13. It is, therefore, affected by a vulnerability as referenced in the wireshark-2.6.13 advisory. - In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in...

7.5CVSS7.1AI score0.04128EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/10/09 12:0 a.m.16 views

Atlassian Jira 8.1.x < 8.1.3 Template Injection Vulnerability

According to its self-reported version number, the Atlassian Jira application running on the remote host is 7.0.10 7.6.16, 7.7.x 7.13.8, 8.1.x 8.1.3, 8.2.x 8.2.5, 8.3.x 8.3.4, 8.4.x 8.4.1. It is, therefore, affected by a server-side template injection vulnerability that exists in the Jira Importe...

9CVSS7.4AI score0.11366EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.29 views

NewStart CGSL MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0006)

The remote NewStart CGSL host, running version MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - A use-after-free vulnerability can occur when flushing and resizing layout because the PressShell object has been freed while still in use. This results in...

10CVSS7.9AI score0.07439EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2019/07/26 12:0 a.m.129 views

Zurmo 3.2.6 Persistent Cross Site Scripting

Stored Cross-site Scripting Vulnerability in Zurmo 3.2.6 Information -------------------- Advisory by Netsparker Name: Stored Cross-site Scripting in Zurmo Affected Software: Zurmo Affected Versions: 3.2.6 Homepage: http://zurmo.org Vulnerability: Stored Cross-site Scripting Severity: Medium...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/04/12 12:0 a.m.36 views

Adobe Reader < 2015.006.30493 / 2017.011.30138 / 2019.010.20099 Multiple Vulnerabilities (APSB19-17)

The version of Adobe Reader installed on the remote Windows host is a version prior to 2015.006.30493, 2017.011.30138, or 2019.010.20099. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier,...

10CVSS8.2AI score0.54122EPSS
Exploits4References22
Tenable Nessus
Tenable Nessus
added 2019/03/01 12:0 a.m.48 views

PHP 7.1.x < 7.1.8 Denial of Service Vulnerability

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.8. It is, therefore, affected by a denial of service DoS vulnerability exists in the ext/wddx/wddx.c script due to the use of an invalid free for an empty boolean element. An unauthenticated, remote...

7.5CVSS7.3AI score0.06846EPSS
Exploits0References2
Information Security Automation
Information Security Automation
added 2019/02/20 10:1 a.m.250 views

First look at Tenable.io Web Application Scanner (WAS)

When Tenable firstly announced Web Application Security scanner as a part of their new Tenable.io platform, it was quite intriguing. Certainly, they already had some WAS functionality before in Nessus. For example, path traversal check was pretty good. But this functionality was quite fragmental...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.12 views

AngularJS < 1.6.1 Cross-Site Scripting

According to its self-reported version number, AngularJS is prior to 1.6.1. Therefore, it may be affected by a JSONP callback vulnerability than can lead to Cross-Site Scripting XSS. Note that the scanner has not tested for these issues but has instead relied only on the application's self-report...

6.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/08/16 12:0 a.m.1246 views

Apache 2.4.x < 2.4.34 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.34. It is, therefore, affected by the following vulnerabilities: - By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a...

7.5CVSS6.6AI score0.51714EPSS
Exploits0References4
Kitploit
Kitploit
added 2018/07/27 9:54 p.m.16 views

WAScan v0.2.1 - Web Application Scanner

WAScan Web Application Scanner is a Open Source web application security scanner. It is designed to find various vulnerabilities using "black-box" method, that means it won't study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application,...

0.1AI score
Exploits0References1
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2018/07/05 7:46 p.m.533 views

[R1] TenableCore Web Application Scanner v20180702 Fixes Third-party Vulnerabilities

The TenableCore Web Application Scanner Image v20180328 was found to contain a command injection flaw in a script included in the bundled DHCP client dhclient package. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitra...

2.3AI score
Exploits0
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2018/07/05 7:46 p.m.15 views

[R1] TenableCore Web Application Scanner v20180702 Fixes Third-party Vulnerabilities

The TenableCore Web Application Scanner Image v20180328 was found to contain a command injection flaw in a script included in the bundled DHCP client dhclient package. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitra...

2.3AI score
Exploits0
Kitploit
Kitploit
added 2018/06/25 10:27 p.m.58 views

Optiva Framework - Web Application Scanner

You can use this Framework on your website to check the security of your website by finding the vulnerability in your website or you can use this tool to Get admin panel search SQL injection by dork As well as collecting information and encrypting Hash. Features : Infromation Modules : Port Scann...

8.2AI score
Exploits0References1
Kitploit
Kitploit
added 2018/06/18 2:9 p.m.216 views

VOOKI - Web Application Vulnerability Scanner

Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section. Vooki – Web Application Scanner can help you to find the...

7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/11/27 9:10 p.m.33 views

Vulnerability Management for Network Perimeter

Network Perimeter is like a door to your organization. It is accessible to everyone and vulnerability exploitation does not require any human interactions, unlike, for example, phishing attacks. Potential attacker can automate most of his actions searching for an easy target. It's important not t...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2017/08/13 1:34 p.m.20 views

Spaghetti - Web Application Security Scanner

Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Installation $ git clone...

7.3AI score
Exploits0References1
Rows per page
Query Builder