7991 matches found
ROPGenerator - Tool That Helps You Building ROP Exploits By Finding And Chaining Gadgets Together
ROPGenerator is a tool that makes ROP exploits easy. It enables you to automatically find gadgets or build ROP chains. The current version supports x86 and x64 binaries. Overview ROPGenerator uses the tool ROPgadget https://github.com/JonathanSalwan/ROPgadget to extract gadgets from binaries and...
Intrigue-Core - Discover Your Attack Surface
Intrigue-core is a framework for automated attack surface discovery. There are a number of use cases: Application and Infrastructure Asset Discovery Security Research and Vulnerability Discovery Malware Campaign Research & Indicator Enrichment Exploratory OSINT Research If you'd like assistance...
VulnCheck KEV: CVE-2017-1000353
Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based...
CVE-2018-13110
CVE-2018-13110 affects all ADB Broadband Gateways/Routers based on the Epicentro platform. The root cause is a privilege-escalation via Linux group manipulation, enabling an attacker to gain CLI access even if it was previously disabled by the ISP and to escalate privileges, potentially compromis...
Ubuntu: Security Advisory (USN-3702-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ADB Broadband Gateways Routers - Privilege Escalation
ADB Broadband Gateways Routers - Privilege Escalation SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege escalation via linux group manipulation product: All ADB Broadband Gateways / Routers based on Epicentro...
ADB Broadband Gateways / Routers - Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege escalation via linux group manipulation product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202N...
ADB Group Manipulation Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege escalation via linux group manipulation product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202N...
Security Bulletin: IBM Data Server Driver for ODBC and CLI is affected by multiple vulnerabilities in the GSKit library
Summary IBM Data Server Driver for ODBC and CLI is affected by multiple vulnerabilities in the GSKit library. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploi...
Unable to create any LDAP/radius policy
-Unable to create ldap/radius policy with nstrue. -Getting error: Invalid rule. -Through CLI also getting same error...
CVE-2018-1351
A Cross-site Scripting XSS vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows attacker to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation log...
Cross site scripting
A Cross-site Scripting XSS vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows attacker to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation log...
CVE-2018-1351
A Cross-site Scripting XSS vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows attacker to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation log...
CVE-2018-1351
Fortinet FortiManager products are affected (versions 6.0.0 and 5.6.6 and earlier). The vulnerability is a Cross-site Scripting (XSS) flaw that can allow an attacker to execute HTML/JavaScript in the administrator’s browser by viewing CLI configuration logs from managed remote devices (and also w...
CVE-2018-1351
A Cross-site Scripting XSS vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows attacker to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation log...
Stego-Toolkit - Collection Of Steganography Tools (Helps With CTF Challenges)
This project is a Docker image useful for solving Steganography challenges as those you can find at CTF platforms like hackthebox.eu. The image comes preinstalled with many popular see list below and several screening scripts you can use check simple things for instance, run checkjpg.sh image.jpg...
Indonesian Penetration Testing LFS: Dracos Linux
Dracos Linux is the Linux operating system from Indonesian, open source is built based on the Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing penetration testing...
Cisco NX-OS Arbitrary Command Execution Vulnerability
Cisco NX-OS Software is the United States Cisco Cisco company's set of data center-oriented operating system. An input validation vulnerability exists in the role-based access detection mechanism in Cisco NX-OS Software, which stems from the program's lack of file system validation and input...
CVE-2018-0306
A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by...
CVE-2018-0302
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could...