Lucene search
K

92 matches found

Kitploit
Kitploit
added 2015/07/16 11:33 p.m.614 views

yarGen - A Generator for Yara Rules (for malware researchers)

yarGen is a generator for Yara rules. What does yarGen do? The main principle is the creation of yara rules from strings found in malware files while removing all strings that also appear in goodware files. Since version 0.14.0 it uses naive-bayes-classifier by Mustafa Atik and Nejdet Yucesoy in...

6.9AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/06/30 12:0 a.m.6 views

The vulnerability of the Cisco UCS Central device’s centralized management system allows a perpetrator to gain privileges necessary to execute operating system commands.

The vulnerability of the Cisco UCS Central device management system exists because measures to neutralize the special elements used in the operating system command are not taken. Exploiting this vulnerability can allow a malicious actor, operating locally, to gain privileges necessary to execute...

7.2CVSS5.7AI score0.00582EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

PHP 4.x SafeMode Arbitrary File Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, and...

7.1AI score
Exploits0
Fedora
Fedora
added 2014/03/24 6:37 a.m.19 views

[SECURITY] Fedora 19 Update: perltidy-20130922-1.fc19

Perltidy is a Perl script which indents and reformats Perl scripts to make them easier to read. If you write Perl scripts, or spend much time reading them, you will probably find it useful. The formatting can be controlled with command line parameters. The default parameter settings approximately...

7.1CVSS0.3AI score0.00354EPSS
Exploits0
Exploit DB
Exploit DB
added 2012/03/22 12:0 a.m.46 views

Google Talk - 'gtalk://' Deprecated URI Handler Injection

Google Talk gtalk:// Deprecated Uri Handler /gaiaserver Parameter Injection Vulnerability tested against: Internet Explorer 8 Microsoft Windows all versions download url of 1.0.0.104: http://www.google.com/talk/install.html download urls of 1.0.0.105: http://www.google.com/talk/intl/it/...

7AI score
Exploits0
Veeam
Veeam
added 2012/03/11 12:0 a.m.22 views

How to Run Scripts With Veeam One Client

Purpose This article provides additional information about running scripts with Veeam ONE Client. Solution Script Configuration Scripts can be configured for the following action types: As an alarm notification action -- select this option if you want to run a custom script when the alarm is...

6.7AI score
Exploits0Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2011/06/08 12:0 a.m.37 views

Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java webstar...

9CVSS5AI score0.03051EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2010/04/14 4:10 p.m.10 views

Java Zero-Day Attacks In The Wild

Just days after Google researcher Tavis Ormandy released details on a dangerous new Java vulnerability, malicious hackers have pounced and are exploiting the flaw in the wild to launch drive-by download attacks. Virus hunters have spotted the attacks on a popular song lyrics Web site. Any visitor...

0.6AI score
Exploits0References6
0day.today
0day.today
added 2010/04/09 12:0 a.m.38 views

Java Deployment Toolkit Performs Insufficient Validation of Parameters

Exploit for windows platform in category remote exploits ====================================================================== Java Deployment Toolkit Performs Insufficient Validation of Parameters ====================================================================== Java Deployment Toolkit...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2010/02/25 12:0 a.m.25 views

Bournal information leak

Command line paramters including encryption key are visible in processes list. Insecure temporary files creation...

2.1CVSS3.4AI score0.00348EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2009/03/16 12:0 a.m.28 views

PPLive 1.9.21 - '/LoadModule' URI Handlers Argument Injection

-------------------------------------------------------------------------------- PPLive = 1.9.21 uri handlers "/LoadModule" remote argument injection by Nine:Situations:Group::strawdog -------------------------------------------------------------------------------- software...

7.4AI score
Exploits0
myhack58
myhack58
added 2007/07/12 12:0 a.m.23 views

firefox break 0day high-risk vulnerabilities: Cross Browser Scripting-vulnerability warning-the black bar safety net

firefox break high-risk vulnerabilities, perform local program. At the same time using IE and firefox users, please note that bug fixes it! Monyer published temporary workaround: put the following code into the Run box, run, or saved as. bat double-click to run, or in cmd run: reg delete...

7.6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2007/04/30 10:19 p.m.2 views

CVE-2007-2054

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls in a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/aimage.cpp, f...

7.5CVSS6.2AI score0.03384EPSS
Exploits0References5
Prion
Prion
added 2007/04/30 10:19 p.m.24 views

Format string

Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls, possibly involving a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/imager.cp...

10CVSS8.2AI score0.05133EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2007/04/30 10:19 p.m.18 views

Format string

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls in a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/aimage.cpp, f...

7.5CVSS8.1AI score0.03384EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/04/30 10:0 p.m.55 views

CVE-2007-2054

AFFLIB 2.2.6 and earlier contains multiple format-string vulnerabilities exposing several command-line utilities (lib/s3.cpp, tools/afconvert.cpp, tools/afcopy.cpp, tools/afinfo.cpp, aimage/aimage.cpp, aimage/imager.cpp, tools/afxml.cpp) to remote code execution via parameters used as format stri...

7.5CVSS7.8AI score0.03384EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/04/30 10:0 p.m.21 views

CVE-2007-2352

Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in 1 warn and 2 err calls, possibly involving a lib/s3.cpp, b tools/afconvert.cpp, c tools/afcopy.cpp, d tools/afinfo.cpp, e aimage/imager.cp...

7.8AI score0.05133EPSS
Exploits0References3
exploitpack
exploitpack
added 2006/01/10 12:0 a.m.17 views

Cray UNICOS etcnu - -c Option Filename Processing Local Overflow

Cray UNICOS etcnu - -c Option Filename Processing Local Overflow source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities...

0.3AI score
Exploits0
myhack58
myhack58
added 2005/10/04 12:0 a.m.18 views

On the s6 su Admin Password Sniffer-vulnerability warning-the black bar safety net

A long time ago ago, FlashSky in the security focus of the above is a review Paper On Introduction to the use of the port dynamic re-binding technology Sniffer. The principle is very simple, I will not repeat it, interested can turn out to look. I this little tool is in Him is given the code base...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.33 views

Debian DSA-307-1 : gps - multiple vulnerabilities

gPS is a graphical application to watch system processes. In release 1.1.0 of the gps package, several security vulnerabilities were fixed, as detailed in the changelog : - bug fix on rgpsp connection source acceptation policy it was allowing any host to connect even when the /etc/rgpsp.conf file...

7.5CVSS5.9AI score0.02116EPSS
Exploits0References4
Rows per page
Query Builder