21 matches found
EUVD-2021-25724
Malware in sbrugna...
EUVD-2021-25725
Malware in sbrugna...
CVE-2021-39364
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing for camera control after ARP cache poisoning has been achieved...
CVE-1999-0667
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service...
CVE-2025-30165 Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host. When data ...
CVE-2021-39364
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing for camera control after ARP cache poisoning has been achieved...
CVE-2021-39363
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved...
Design/Logic Flaw
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved...
Command injection
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing for camera control after ARP cache poisoning has been achieved...
CVE-2021-39363
CVE-2021-39363 affects Honeywell HDZP252DI (1.00.HW02.4) and HBW2PER1 (1.000.HW01.3) devices. Reported impact is a video replay attack that occurs after ARP cache poisoning is achieved. The NVD notes a high-severity, network-based vulnerability with CVSS v3.1 base score 9.8 (C:H, I:H, A:H; no pri...
CVE-2021-39363
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved...
CVE-2021-39364
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing for camera control after ARP cache poisoning has been achieved...
CVE-2021-39364
The CVE-2021-39364 issue affects Honeywell HDZP252DI (1.00.HW02.4) and HBW2PER1 (1.000.HW01.3). It enables command spoofing for camera control after ARP cache poisoning, per multiple connected sources. Root cause: ARP spoofing enabling spoofed commands. No exploitation details or specific mitigat...
Slack: Slack DTLS uses a private key that is in the public domain, which may lead to SRTP stream hijack
Affects: Janus DTLS certificate Description The Janus server in use by Slack is configured using a certificate and private key that were previously distributed by default. This certificate is used to authenticate the DTLS connection which is later used to exchange keys for the SRTP stream. As a...
SMBetray - SMB MiTM Tool With A Focus On Attacking Clients Through File Content Swapping, Lnk Swapping, As Well As Compromising Any Data Passed Over The Wire In Cleartext
Version 1.0.0. This tool is a PoC to demonstrate the ability of an attacker to intercept and modify insecure SMB connections, as well as compromise some secured SMB connections if credentials are known. Background Released at Defcon26 at "SMBetray - Backdooring and Breaking Signatures" In SMB...
Uber: The Microsoft Store Uber App Does Not Implement Certificate Pinning
Summary The Microsoft Store Uber App Windows Phone Architecture does not properly implement certificate pinning. Security Impact Layer-2+ network traffic transmitted from and received by the app can be surreptitiously intercepted and transparently modified by an attacker, with no warnings or erro...
[Ghost Phisher v1.5] GUI suite for phishing and penetration attacks
Ghost Phisher is an application of security which comes built-in with a fake DNS server ,DHCP server fake, fake HTTP Server and also has a space for the automatic capture and recording credentials HTTP method of the form to a database. The program could be used for on-demand service of DHCP, DNS,...
[Ghost Phisher] GUI suite for phishing and penetration attacks
Ghost Phisher is a Wireless and Ethernet security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to emulate access points and deploy various internal networking servers for networking, penetration testing and...
[zANTI] The Power of Backtrack on your Android
Android Network Toolkit also known as zANTI is the most comprehensive and refined pentest tool for android by Zimperium. Zimperium is founded by white hat hacker Itzhack ‘Zuk’ Avraham and also have Kevin Mitnick on there team! They also had recently held the Pentester’s WorldCup. zAnti still come...
CVE-1999-0667
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service...