
115 matches found

Cvelist
added 2018/12/19 8:0 p.m., 11 views

CVE-2018-11799

Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name...

6.3 AI score, 0.00241 EPSS
Exploits 0, References 2
OSV
added 2018/12/11 4:29 p.m., 1 views

UBUNTU-CVE-2018-18359

Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

8.8 CVSS, 7.3 AI score, 0.01156 EPSS
Exploits 0, References 2
RedHat Linux
added 2018/12/10 10:34 a.m., 3 views

chromium-browser: Out of bounds read in V8

Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

8.8 CVSS, 7.4 AI score, 0.01156 EPSS
Exploits 0, References 5
Prion
added 2018/07/12 1:29 p.m., 16 views

Code injection

In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the...

4.9 CVSS, 5.4 AI score, 0.61137 EPSS
Exploits 0, References 2, Affected Software 1
OSV
added 2017/10/27 4:29 p.m., 0 views

UBUNTU-CVE-2017-15924

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions...

7.8 CVSS, 5.8 AI score, 0.00451 EPSS
Exploits 1, References 6
myhack58
added 2017/04/08 12:0 a.m., 261 views

IIS 6.0 remote command execution shellcode construct - vulnerability warning - the black bar safety net

Author: Vulntor. Date: 2017/03/29. 0x00 Preface. Yesterday the IIS 6.0 vulnerability CVE-2017-7269 broke, and its PoC made so many web dogs miserable. As a web dog, I was also naive enough to think that a calculator would pop up; in fact, the calc.exe process had already appeared among the processes, but it does not appear the...

10 CVSS, 2.8 AI score, 0.94411 EPSS
Exploits 39
CNVD
added 2017/01/03 12:0 a.m., 2 views

Unauthorized Access Vulnerability in Deephaven Jet Mixcall Customer Service System

Ltd. is a company that focuses on the research, development, manufacturing and sales of call centers and converged communication products. mixcall is one of the company's customer service systems. An unauthorized access vulnerability exists in the SZHJ Mixcall customer service system. Due to a la...

6.5 AI score
Exploits 0
Kitploit
added 2016/01/29 8:30 p.m., 181 views

FastIR Collector - Windows Incident Response Tool

This tool collects different artefacts on live Windows and records the results in csv files. With analysis of these artefacts, an early compromise can be detected. Requirements: pywin32, python WMI, python psutil, python yaml, construct, distorm3, hexdump, pytz. Execution: ./fastIRx64.py -h for help...

7.1 AI score
Exploits 0, References 3
0day.today
added 2014/06/20 12:0 a.m., 28 views

Wordpress Theme Construct Arbitrary File Download Vulnerability

This exploit allows attacker to download any writable file from the server Usage Info Put the path of the file in the file's field of the exploit ,then click "Download" button then you get the file directly Title : Wordpress Theme Construct Arbitrary File Download Vulnerability Author : Aloulou...

6.9 AI score
Exploits 0
Kitploit
added 2013/11/09 1:7 a.m., 35 views

Python tools for Pentesters

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest trying out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them. Most of the listed tools are written in Python, others are just Python...

7.5 AI score
Exploits 0, References 9
Debian CVE
added 2012/07/12 8:0 p.m., 23 views

CVE-2012-1162

Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."...

7.5 CVSS, 7.9 AI score, 0.01669 EPSS
Exploits 2
rdot
added 2010/12/02 12:0 a.m., 16 views

Magic methods, serialization, session injection, and all the rest

==-1== Introduction. I originally wrote this for myself as a small collection of useful ideas, and in the end it turned into this article. I don't have much experience writing publications, so please go easy on me, I did my best. Before moving on to practical examples, let's look at the theoretical basics of the functions used...

7.6 AI score
Exploits 0
ThreatPost
added 2010/11/29 2:46 p.m., 15 views

What is Information Security?

Recently, I’ve heard some bits and pieces about how Information Security (InfoSec) can be “threat-centric” or “vulnerability-centric”. This struck me funny for a number of reasons, mainly it showed a basic bias towards what InfoSec is. And to me, InfoSec is too complex to be described as...

7 AI score
Exploits 0, References 5
Cvelist
added 2006/07/27 8:0 p.m., 25 views

CVE-2006-3810

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct...

5.3 AI score, 0.1364 EPSS
Exploits 0, References 61
Tenable Nessus
added 2005/07/13 12:0 a.m., 16 views

FreeBSD : Cyrus IMAPd -- APPEND command uses undefined programming construct (31952117-3d17-11d9-8818-008088034841)

To support MULTIAPPENDS the cmdappend handler uses the global stage array. This array is one of the things that gets destructed when the fatal function is triggered. When the Cyrus IMAP code adds new entries to this array this is done with the help of the postfix increment operator in combination...

5.7 AI score
Exploits 0, References 2