2428 matches found
Trend Micro Deep Security 6.5 - XML External Entity Injection / Local Privilege Escalation / Remote Code Execution
The following advisory describes three 3 vulnerabilities found in Trend Micro Deep Security version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical,...
Trend Micro Deep Discovery Email Inspector Arbitrary File Upload Vulnerability
Trend Micro Deep Discovery Email Inspector is network security software. An arbitrary file upload vulnerability exists in Trend Micro Deep Discovery Email Inspector. An attacker can exploit this vulnerability to upload arbitrary files to an affected system, which could result in the execution of...
Trend Micro Deep Discovery Email Inspector policy_setting Arbitrary File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within policysetting.php. The issue results from the lack of prope...
CVE-2017-6181
The parsecharclass function in regparse.c in the Onigmo aka Oniguruma-mod regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service deep recursion and application crash via a crafted regular expression...
CVE-2017-6181
The parsecharclass function in regparse.c in the Onigmo aka Oniguruma-mod regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service deep recursion and application crash via a crafted regular expression...
CVE-2017-6181
The CVE-2017-6181 entry corresponds to an unbounded recursion flaw in the Onigmo (Oniguruma-mod) regular expression library’s parse_char_class function (regparse.c) used by Ruby 2.4.0. A crafted regular expression can cause a remote attacker to trigger deep recursion and a potential application c...
CVE-2017-6181
The parsecharclass function in regparse.c in the Onigmo aka Oniguruma-mod regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service deep recursion and application crash via a crafted regular expression...
Path traversal
Unquoted executable path vulnerability in Client Management and Gateway components in McAfee now Intel Security ePO Deep Command eDC 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path...
CVE-2015-8988
Unquoted executable path vulnerability in Client Management and Gateway components in McAfee now Intel Security ePO Deep Command eDC 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path...
CVE-2015-8988
Unquoted executable path vulnerability in Client Management and Gateway components in McAfee now Intel Security ePO Deep Command eDC 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path...
CVE-2015-8988
CVE-2015-8988 concerns an unquoted executable path vulnerability in the McAfee/ePO Deep Command (eDC) Client Management and Gateway components. The affected versions are eDC 2.2 and 2.1. The issue allows an authenticated user to execute arbitrary commands by dropping a malicious file in the unquo...
Trend Micro Deep Discovery Email Inspector download_pdf Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within downloadpdf.php. The issue results from the lack of proper...
Trend Micro Deep Discovery Email Inspector write_new_html_with_svg Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within writenewhtmlwithsvg.php. The issue results from the lack of...
Trend Micro Deep Discovery Email Inspector db_export Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within dbexport.php. The issue results from the lack of proper...
Trend Micro Deep Discovery Email Inspector reboot_after_hotfix Denial of Service Vulnerability
This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within rebootafterhotfix.php. The issue results from...
Trend Micro Deep Discovery Email Inspector ajax_checklicense_AC Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxchecklicenseAC.php. The issue results from the lack of...
Trend Micro Deep Discovery Email Inspector network_dump Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within networkdump.php. The issue results from the lack of proper...
Detects Clickbait Headlines Using Deep Learning: Clickbait Detector
Detects Clickbait Headlines Using Deep Learning People continually fall for clickbait and as Wired in it’s article mentioned Whether you think clickbait is on the rise, obscurant and self-negating, not such a big deal, or the root of all evil, one thing is clear about it: It’s increasingly hard t...
deep-pwning - Metasploit for Machine Learning
Deep-pwning is a lightweight framework for experimenting with machine learning models with the goal of evaluating their robustness against a motivated adversary. Note that deep-pwning in its current state is no where close to maturity or completion. It is meant to be experimented with, expanded...
ONIOFF - Onion URL Inspector
A simple tool - written in pure python - for inspecting Deep Web URLs or onions. Compatible with Python 2.6 & 2.7. Author: Nikolaos Kamarinakis nikolaskama.me Installation You can download ONIOFF by cloning the Git Repo and simply installing its requirements: $ git clone...