Lucene search
K

19 matches found

CVE
CVE
added 2026/01/20 9:37 p.m.13 views

CVE-2025-58743

CVE-2025-58743 affects Milner ImageDirector Capture on Windows. The root cause is use of a broken/des outdated DES algorithm in the Password class within C2SConnections.dll, enabling encryption brute-forcing to obtain database credentials. Affected versions are ImageDirector Capture 7.0.9.0 up to...

7.5CVSS5.4AI score0.00071EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.7 views

PT-2026-3669

Name of the Vulnerable Software and Affected Versions Milner ImageDirector Capture versions 7.0.9.0 through 7.6.3.25808 Description A flaw exists in Milner ImageDirector Capture on Windows due to the use of hard-coded application encryption keys within the C2SGlobalSettings.dll component. This...

7.5CVSS5.4AI score0.0013EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.178 views

C2S DVR Management Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'C2S DVR Management Password Disclosure', 'Description' = %q C2S DVR allows an unauthenticated user to disclose the username & password by...

7.4AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.4 views

SUSE CVE-2017-18265

Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...

7.5CVSS7.3AI score0.01725EPSS
Exploits0References3
Kitploit
Kitploit
added 2021/12/01 8:30 p.m.442 views

ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can: Obtain IPs based on search criteria Automatically exclude honeypots from the results based on your pre-configured thresholds Pre-configure all IP searches to filte...

10CVSS9.7AI score0.99999EPSS
Exploits153References1
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/15 12:0 a.m.36 views

Security update for prosody (important)

openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:0728-1 Rating: important References: 1186027 Cross-References: CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 Affected Products: openSUSE Leap 15.2 An update that fixes four vulnerabilities is now...

7.8CVSS6.9AI score0.02261EPSS
Exploits0References1
Securelist
Securelist
added 2020/11/09 10:0 a.m.32 views

Ghimob: a Tétrade threat actor moves to infect mobile devices

Guildma, a threat actor that is part of the Tétrade family of banking trojans, has been working on bringing in new techniques, creating new malware and targeting new victims. Recently, their new creation, the Ghimob banking trojan, has been a move toward infecting mobile devices, targeting...

0.8AI score
Exploits0
Metasploit
Metasploit
added 2019/01/29 9:18 p.m.15 views

C2S DVR Management Password Disclosure

C2S DVR allows an unauthenticated user to disclose the username & password by requesting the javascript page 'read.cgi?page=2'. This may also work on some cameras including IRDOME-II-C2S, IRBOX-II-C2S. This module requires Metasploit: https://metasploit.com/download Current source:...

Exploits0
Prion
Prion
added 2018/05/09 5:29 p.m.16 views

Code injection

Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...

5CVSS7.3AI score0.01725EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2018/05/09 5:29 p.m.2 views

DEBIAN-CVE-2017-18265

Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...

7.5CVSS7.3AI score0.01725EPSS
Exploits0References1
OSV
OSV
added 2018/05/09 5:29 p.m.2 views

UBUNTU-CVE-2017-18265

Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...

7.5CVSS7.1AI score0.01725EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2016/08/30 3:29 p.m.12 views

BASHLITE Family Of Malware Infects 1 Million IoT Devices

More than one million consumer web-connected video cameras and DVRs are compromised by bot herders who use the devices for DDoS attacks, researchers say. According to Level 3 Threat Research Labs, a small malware family that goes by the names Lizkebab, BASHLITE, Torlus and Gafgyt is behind a web ...

Exploits0References3
OpenVAS
OpenVAS
added 2016/08/23 12:0 a.m.19 views

C2S DVR Management Credentials Disclosure and Authentication Bypass Vulnerabilities

C2S DVR Management application is prone to credentials disclosure and authentication bypass vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.6AI score
Exploits0References1
exploitpack
exploitpack
added 2016/08/19 12:0 a.m.10 views

C2S DVR Management IRDOME-II-C2S IRBOX-II-C2S DVR - Credentials Disclosure Authentication Bypass

C2S DVR Management IRDOME-II-C2S IRBOX-II-C2S DVR - Credentials Disclosure Authentication Bypass 1. Advisory Information ======================================== Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Vendor Homepage : http://www.cash2s.com/en/ Remotely...

0.3AI score
Exploits0
0day.today
0day.today
added 2016/08/19 12:0 a.m.19 views

C2S DVR Management IRDOME-II-C2S / IRBOX-II-C2S, DVR - Credentials Disclosure / Authentication Bypas

Exploit for cgi platform in category web applications 1. Advisory Information ======================================== Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Vendor Homepage : http://www.cash2s.com/en/ Remotely Exploitable : Yes Tested on Camera types :...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/08/19 12:0 a.m.38 views

C2S DVR Management IRDOME-II-C2S / IRBOX-II-C2S / DVR - Credentials Disclosure / Authentication Bypass

Advisory Information ======================================== Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Vendor Homepage : http://www.cash2s.com/en/ Remotely Exploitable : Yes Tested on Camera types : IRDOME-II-C2S, IRBOX-II-C2S, DVR Vulnerabilities :...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/04/19 12:0 a.m.69 views

ejabberd XMPP/Jabber server DoS

Array overflows on large number of simulationeus c2s messages...

5CVSS2.7AI score0.03105EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2010/02/03 7:30 p.m.17 views

CVE-2010-0305

ejabberdc2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service daemon crash via a large number of c2s aka client2server messages that trigger a queue overload...

5CVSS6.3AI score0.03105EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2010/02/03 7:0 p.m.31 views

CVE-2010-0305

ejabberdc2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service daemon crash via a large number of c2s aka client2server messages that trigger a queue overload...

5CVSS6.3AI score0.03105EPSS
Exploits0
Rows per page
Query Builder