Lucene search
K

744 matches found

0day.today
0day.today
added 2012/01/18 12:0 a.m.27 views

WordPress "WP Cycle Playlist" PLUGIN Multiple Vulnerabilities

Exploit for php platform in category web applications IN THE NAME OF ALLAH BY ASHIYANE DIGITAL SECURITY TEAM TITLE: WORDPRESS "WP Cycle Playlist" PLUGIN Multiple Vulnerabilities DORK : allinurl:wp-cycle-playlist/admin/ 1. REMOTE FILE UPLOAD ......... GO TO .../ADMIN/UPLOAD.PHP FOR UPLOADING SHELL...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2012/01/06 7:26 p.m.41 views

Adobe Plans Critical Security Updates for Reader, Acrobat Next Week

Adobe said on Friday that it will issue critical fixes for its popular Reader and Acrobat products on Tuesday, January 10. The company said it is planning to release updates for Adobe Reader and Acrobat versions X and earlier for both the Windows and Macintosh platforms to fix a slew of critical...

10CVSS1.7AI score0.86238EPSS
Exploits12References1
ThreatPost
ThreatPost
added 2011/06/23 7:9 p.m.16 views

Mozilla Pushes Firefox 5, Do Not Track Feature, New Development Cycle

With the release of Firefox 5 earlier this week, Mozilla has finally added its Do Not Track privacy feature to the company’s flagship browser. The feature, aimed at customizing how users browsing behavior is tracked is the first of its kind that can be implemented across multiple platforms,...

0.3AI score
Exploits0References7
ThreatPost
ThreatPost
added 2011/04/19 4:12 p.m.8 views

Report: Application Security Still Mostly Sucks

The third State of Software Security SOSS report finds that software developers are still doing a poor job of making applications secure. Application testing firm Veracode, which compiled the report, found that 58% of almost 5,000 applications failing a security audit on the first pass – about th...

0.1AI score
Exploits0References2
Metasploit
Metasploit
added 2010/12/29 8:30 p.m.63 views

MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)

This module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office 2010, 2007, 2003, and XP prior to the release of the MS10-087 bulletin are vulnerable. This module does not attempt to explo...

7.8CVSS7.2AI score0.89497EPSS
Exploits14
The Hacker News
The Hacker News
added 2010/11/30 2:23 a.m.18 views

Professional Penetration Testing Guide

Here is the another good book in the field of penetration testing. Unlike other books which aims only at the technical aspects of Penetration testing, this one explains every step involved in the making of a Professional Pentester. Rather than just teaching how to use the existing tools, it does...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2010/11/12 8:29 p.m.9 views

Adobe Readies Patch for Critical Reader, Acrobat Flaws

Adobe Inc. said on Friday that it is planning to release an out-of-cycle update to fix critical security holes in its Reader and Acrobat products, including a fix for a newly disclosed hole that is already being exploited in the wild. In a post on the company’s Product Security Incident Response...

0.7AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2010/11/10 12:0 a.m.18 views

HP Systems Insight Dynamics Detection

HP Systems Insight Dynamics is a infrastructure life cycle management suite that allows you to adjust, provision, and modify many different aspects of infrastructure. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid50540; scriptversion"1.9"; scriptcvsdate"Date:...

5.4AI score
Exploits0References1
ThreatPost
ThreatPost
added 2010/09/15 7:26 p.m.9 views

Unofficial Patch Released for Adobe Reader Bug

As users await the Oct. 4 release of a patch for the CoolType.dll vulnerability in Adobe Reader, a software and security company has published an unofficial patch for the bug that essentially replaces the vulnerable DLL with a patched one. The patch was published Wednesday by RamzAfzar, a softwar...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2010/08/18 2:52 p.m.29 views

Adobe to Issue Emergency Fixes for Reader and Acrobat

Adobe on Thursday will release a fix for a recently publicized critical flaw in its Reader and Acrobat applications. The patches are emergency, out-of-cycle fixes. The vulnerability in Reader and Acrobat was disclosed at the Black Hat conference last month by researcher Charlie Miller during his...

9.3CVSS1.2AI score0.16305EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2010/05/28 5:32 p.m.10 views

This Week In Security: Privacy, RedPhone and Adobe

In case you needed any reminders that privacy is one of the more pressing problems on the Web right now, this week’s news provided plenty of them. Along with stories of Facebook’s continued privacy missteps, this week gave us the gift of Google letting users install some Google code to opt out of...

7.4AI score
Exploits0References11
ThreatPost
ThreatPost
added 2010/05/18 7:1 p.m.41 views

Microsoft to Share Vulnerability Details with Governments

Microsoft today announced plans to share pre-patch details on software vulnerabilities with governments around the world under a new program aimed at securing critical infrastructure and government assets from hacker attacks. The program, codenamed Omega, features a Defensive Information Sharing...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2010/04/14 4:10 p.m.10 views

Java Zero-Day Attacks In The Wild

Just days after Google researcher Tavis Ormandy released details on a dangerous new Java vulnerability, malicious hackers have pounced and are exploiting the flaw in the wild to launch drive-by download attacks. Virus hunters have spotted the attacks on a popular song lyrics Web site. Any visitor...

0.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2010/03/12 7:6 p.m.13 views

The Cadence of Microsoft Security Patches

By Andrew Storms Every month, like clockwork, Microsoft releases security bulletins and every month people ask me if it’s small or a big release. While the exact details of the patches are generally treated as news, the expected workload each month really shouldn’t be a guessing game because...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/07 12:0 a.m.17 views

RedHat Security Advisory RHSA-2009:0297

The remote host is missing updates announced in advisory RHSA-2009:0297. In accordance with the Red Hat Enterprise Linux Errata Support Policy, the 7 years life-cycle of Red Hat Enterprise Linux 2.1 will end on May 31 2009. After that date, Red Hat will discontinue the technical support services,...

7.4AI score
Exploits0References2
securityvulns
securityvulns
added 2008/01/09 12:0 a.m.76 views

Microsoft Security Bulletin MS08-002 – Important Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)

Microsoft Security Bulletin MS08-002 – Important Vulnerability in LSASS Could Allow Local Elevation of Privilege 943485 Published: January 8, 2008 Version: 1.0 General Information Executive Summary This important update resolves a privately reported vulnerability in Microsoft Windows Local Securi...

7.2CVSS1.6AI score0.02571EPSS
Exploits1
myhack58
myhack58
added 2007/01/09 12:0 a.m.65 views

Skillfully crack open someone ASP Trojan password method-vulnerability warning-the black bar safety net

Crack the objective: to crack a encrypted Asp Trojan login password. Since the Trojan there is no version described, specific also don't know what this Trojan is called what name. Crack idea: the two, with the encrypted password replaces the ciphertext and use the ciphertext and the encryption...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2002/10/29 12:0 a.m.35 views

CISCO as5350 crashes with nmap connect scan

I have managed to "reduplicate" at least five times the following scenario with a cisco as5250, with firmwrare 12.2 11t release firmware of cisco: nmap -dinsane -p 1-65535 ip.of.as5350 This causes a "hard" lockup, and the device must be powered off in order to have functionality restored to it...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2001/02/19 12:0 a.m.26 views

Marconi ASX-1000 - Administration Denial of Service

Marconi ASX-1000 - Administration Denial of Service // source: https://www.securityfocus.com/bid/2400/info ASX-1000 Switches are hardware packages developed by Marconi Corporation. ASX-1000 Switches can be used to regulate ATM networks, performing layer-3 switching. A problem with the switch coul...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2000/12/07 12:0 a.m.43 views

Security Advisory: Cisco Catalyst Memory Leak Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Cisco Catalyst Memory Leak Vulnerability Revision 1.0 For Release 2000 December 6 08:00 AM US/Pacific UTC+0700 Summary A series of failed telnet authentication attempts to the switch can cause the Catalyst Switch to fail to pass traffic or accept management...

7.5AI score
Exploits0
Rows per page
Query Builder