Lucene search
K

144 matches found

Prion
Prion
added 2018/05/01 7:29 p.m.22 views

Design/Logic Flaw

Automatic Bug Reporting Tool ABRT before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums...

2.1CVSS6.4AI score0.00308EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/05/01 7:0 p.m.45 views

CVE-2013-4209

The CVE-2013-4209 entry concerns Red Hat ABRT (Automatic Bug Reporting Tool) before 2.1.6. The vulnerability allows a local attacker to obtain sensitive information from arbitrary files via vectors related to sha1sums, resulting in a partial confidentiality impact. Affected software: ABRT prior t...

3.3CVSS3.7AI score0.00308EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2018/04/19 12:46 p.m.30 views

Sandcat Browser 6.0 - Pentest And Developer-Oriented Web Browser

Sandcat is a lightweight multi-tabbed web browser that combines the speed and power of Chromium and Lua. Sandcat comes with built-in live headers, an extensible user interface and command line console, resource viewer, and many other features that are useful for web developers and pen-testers and...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2018/04/16 8:23 p.m.22 views

Hashtopolis - A Hashcat Wrapper For Distributed Hashcracking

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis's development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients C, Python,...

7.2AI score
Exploits0References2
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2017/10/05 12:0 a.m.27 views

Stable Channel Updates for Chrome OS

The Stable channel has been updated to 61.0.3163.113 Platform version: 9765.76.0 for most Chrome OS devices . This build contains a number of bug fixes, security updates, and feature enhancements. Systems will be receiving updates over the next several days. Some highlights of these changes are:...

7.8CVSS7.2AI score0.00626EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2017/06/26 3:3 p.m.24 views

getsploit - Command line utility for searching and downloading exploits

Command line search and download tool for Vulners Database inspired by searchsploit. It allows you to search online for the exploits across all the most popular collections: Exploit-DB , Metasploit , Packetstorm and others. The most powerful feature is immediate exploit source download right in...

7.8AI score
Exploits0References2
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2017/06/09 12:0 a.m.39 views

Stable Channel Update for Chrome OS

The Stable channel has been updated to 59.0.3071.91, 59.0.3071.92 Platform version: 9460.60.0, 9460.60.2 for all Chrome OS devices except the Google Chromebook Pixel 2015. This build contains a number of bug fixes, security updates, and feature enhancements. Systems will be receiving updates over...

3.3CVSS4.2AI score0.00151EPSS
Exploits0Affected Software1
Hacker One
Hacker One
added 2017/01/09 7:38 p.m.13 views

ownCloud: bug reporting template encourages users to paste config file with passwords

The dangerous bug reporting template ============================= The github bug reporting template for owncloud's server and some apps contains this: The content of config/config.php: If you have access to your command line run e.g.: sudo -u www-data php occ config:list system from within your...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2017/01/09 12:40 p.m.15 views

Nextcloud: bug reporting template encourages users to paste config file with passwords

The dangerous bug reporting template ============================= The github bug reporting template for nextcloud's server and some apps contains this: The content of config/config.php: If you have access to your command line run e.g.: sudo -u www-data php occ config:list system from within your...

7.1AI score
Exploits0
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2016/08/03 12:0 a.m.18 views

Stable Channel Update for Chrome OS

The Stable channel has been updated to 52.0.2743.116 Platform version: 8350.68.0 for all Chrome OS devices. This build contains a number of bug fixes, security updates, and feature enhancements. Systems will be receiving updates over the next several days. Some highlights of these changes are:...

8.8CVSS9AI score0.01174EPSS
Exploits0Affected Software1
Oracle linux
Oracle linux
added 2016/06/21 12:0 a.m.30 views

setroubleshoot and setroubleshoot-plugins security update

setroubleshoot 3.0.47-12.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.0.47-12 - Don't use command.getoutput Resolves: CVE-2016-4445 setroubleshoot-plugins 3.0.40-3.1.0.1 - Add setroubleshoot-plugins-oracle-enterprise.patch 3.0.40-3.1 - Don't u...

6.9CVSS6.7AI score0.00475EPSS
Exploits3
Kitploit
Kitploit
added 2016/05/31 11:30 p.m.22 views

BurpSuiteJSBeautifier - Burp Suite JavaScript Beautifier

Most of the websites compress their resources such as JS files in order to increase the loading speed. However, security testing and debugging a compressed resource is not an easy task. This is a Burp Suite open source extension which makes it possible to beautify most of the resources properly...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2016/05/23 10:54 p.m.20 views

Shellsploit - New Generation Exploit Development Kit

Shellsploit let's you generate customized shellcodes, backdoors, injectors for various operating system. And let's you obfuscation every byte via encoders. Install/Uninstall If you want to use Shellsploit, you have to install Capstone first. For the Capstone's installation: root$ sudo pip install...

7.3AI score
Exploits0References1
seebug.org
seebug.org
added 2015/12/09 12:0 a.m.70 views

Red Hat Automatic Bug Reporting Tool任意文件写入漏洞

问题在abrt-action-install-debuginfo-to-abrt-cache 在默认的情况下,它会在/var/tmp/abrt-tmp-debuginfo-RANDOMSUFFIX创建一个临时文件,然后会下载rpm文件到这个文件夹,之后会进行解压,因为是临时文件夹,所以解压的路径不是这个,而是在/var/cache/abrt-di,但是因为这个文件夹并不是随机创建的,而且可预测性极强,所以我们可以提前创建这个文件夹,依靠控制unpacked.cpio这个文件,我们就能欺骗abrt-action-install-debuginfo提取一个我们可控制的cpio文件...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/12/09 12:0 a.m.18 views

Red Hat Automatic Bug Reporting Tool权限获取漏洞

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2015/12/08 12:0 a.m.4 views

Red Hat Automatic Bug Reporting Tool Privilege Gain Vulnerability

Red Hat Automatic Bug Reporting Tool ABRT is a set of automated bug detection and reporting tools from Red Hat Red Hat. A security vulnerability exists in the abrt-hook-ccpp help process in Red Hat ABRT versions prior to 2.7.1. A local attacker with certain privileges could exploit this...

6.9CVSS6.7AI score0.03296EPSS
Exploits17References1
CVE
CVE
added 2015/12/07 6:0 p.m.149 views

CVE-2015-5287

CVE-2015-5287 affects ABRT’s abrt-hook-ccpp prior to 2.7.1, enabling a local user with certain permissions to gain privileges via a symlink attack on a file with a predictable name (e.g., /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump). Publicly documented exploit paths incl...

6.9CVSS6.3AI score0.03296EPSS
Exploits17References8Affected Software1
CVE
CVE
added 2015/12/07 6:0 p.m.95 views

CVE-2015-5273

CVE-2015-5273 affects ABRT and libreport: the abrt-action-install-debuginfo-to-abrt-cache helper allows a local attacker to write arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp. Public advisories (RHSA/CESA) and distributed sec...

3.6CVSS6.1AI score0.00909EPSS
Exploits5References7Affected Software1
Cent OS
Cent OS
added 2015/12/01 6:46 p.m.63 views

abrt, libreport security update

CentOS Errata and Security Advisory CESA-2015:2505 Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

6.9CVSS5.9AI score0.03296EPSS
Exploits18References7
Fedora
Fedora
added 2015/11/26 4:58 a.m.21 views

[SECURITY] Fedora 21 Update: abrt-2.3.0-12.fc21

abrt is a tool to help users to detect defects in applications and to create a bug report with all information needed by maintainer to fix it. It uses plugin system to extend its functionality...

5CVSS6.2AI score0.02769EPSS
Exploits0
Rows per page
Query Builder