3446 matches found
ADSearch - A Tool To Help Query AD Via The LDAP Protocol
A tool written for cobalt-strike's execute-assembly command that allows for more efficient querying of AD. Key Features: List all Domain Admins; Custom LDAP Search; Connect to LDAPS Servers; Output JSON data from AD instances; Retrieve custom attributes from a generic query, i.e. All computers. Usage...
The Evolution and Development of Hacking
By David Balaban In the world of computers, to perform any action, including malicious actions, tools are needed - software. Any cyberattack requires its own set of tools. Yes, it is obvious but let us dive into details. There are many ready-made exploits and viruses sold on the network for almos...
CVE-2020-12510
The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist, it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the ISC² Security Congress 2020, November 16, 2020. I’ll be on a panel at the OECD Global Blockchain Policy Forum 2020 on November 17, 2020. The panel is called "Deep Dive: Digital Security and Distributed Ledger...
CVE-2020-12337
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access...
IP Watcher v3.0.0.30 - (PACService.exe) Unquoted Service Path Vulnerability
Exploit Title: IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.gearboxcomputers.com/ Software Link: https://www.gearboxcomputers.com/files/IPWatcherSetup.exe Version: 3.0.0.30 Tested on: Microsoft Windows 10 Education -...
tuxedocomputers.com Cross Site Scripting vulnerability OBB-1425697
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
US Cyber Command and Microsoft Are Both Disrupting TrickBot
Earlier this month, we learned that someone is disrupting the TrickBot botnet network. Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly...
Feds Sound Alarm Over Emotet Attacks on State, Local Govs
A dramatic uptick in Emotet phishing attacks since July has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue a warning that state and local governments need to fortify their systems against the trojan. “This increase has rendered Emotet one of the most prevalent ongoing...
UEFI malware named MosaicRegressor found on Diplomat computers
By Sudais Asif. This UEFI based malware is the second of its kind ever known publicly.
13-year-old student arrested for hacking school computers
By Deeba Ahmed. The student faces a felony charge for allegedly hacking an Indiana school district's computer system.
Microsoft investigating Windows XP, Server 2003 source code leak
By Waqas. Microsoft Windows XP may be old but still powers roughly 1% of all desktop and laptop computers worldwide.
Iranian Government Hacking Android
The New York Times wrote about a still-unreleased report from Check Point and the Miaan Group: The reports, which were reviewed by The New York Times in advance of their release, say that the hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging ...
Malicious Package in bitconi-ops
All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...
Malicious Package in bitcoisnj-lib
All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...
Malicious Package in bitcionjslib
All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...
GHSA-HWH3-FHF6-73X9 Malicious Package in bictoinjs-lib
All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...
GHSA-7J93-5M2H-RVJX Malicious Package in bconi
All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...
Malicious Package in baes-x
All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...
GHSA-GVM7-8FQ3-QJJ2 Malicious Package in bs85
All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...