4243 matches found
Downloads Resources over HTTP
Overview Affected versions of haxe-dev insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...
Linux Kernel 4.6.3 Netfilter Privilege Escalation Exploit
This Metasploit module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently only works against Ubuntu 16.04 not 16.04.1 with kernel 4.4.0-21-generic. Several conditions have to be met for successful exploitation. This module requires Metasploit:...
Magento Community Edition < 1.9.2.2 Multiple Vulnerabilities
Binary data 9678.prm...
Android - Binder Generic ASLR Leak Vulnerability
Exploit for Android platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=889 The interaction between the kernel /dev/binder and the usermode Parcel.cpp mean that when a binder object is passed as BINDERTYPEBINDER or BINDERTYPEWEAKBINDER, a pointer to th...
Witbe Remote Code Execution
!/usr/bin/python Exploit Title: Witbe RCE Remote Code Execution Exploit Author: BeLmar Date: 05/10/2016 DEMO : https://youtu.be/ooUFXfUfIs0 Contact : [email protected] Vendor Homepage: http://www.witbe.net Tested on: Windows7/10 & BackBox Category: Remote Exploits import urllib import urllib2...
SUSE SLES11 Security Update : openssl (SUSE-SU-2016:2458-1)
This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low - Pointer arithmetic undefined behavior CVE-2016-2177 bsc982575 - Constant time flag not...
openSUSE: Security Advisory for openssl (openSUSE-SU-2016:2407-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for openssl (important)
This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 Constant time flag not...
openSUSE Security Update : openssl (openSUSE-2016-1130)
This update for openssl fixes the following issues : OpenSSL Security Advisory 22 Sep 2016 boo999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 boo999666 Severity: Low - Pointer arithmetic undefined behaviour CVE-2016-2177 boo982575 - Constant time flag n...
SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:2394-1)
This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low - Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 - Constant time flag no...
Security update for openssl (important)
This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 boo999665 Severity: High OCSP Status Request extension unbounded memory growth CVE-2016-6304 boo999666 Severity: Low Pointer arithmetic undefined behaviour CVE-2016-2177 boo982575 Constant time flag not...
Linux Kernel 4.6.3 Netfilter Privilege Escalation Vulnerability
This Metasploit module attempts to exploit a netfilter bug on Linux Kernels befoe 4.6.3, and currently only works against Ubuntu 16.04 not 16.04.1 with kernel 4.4.0-21-generic. Several conditions have to be met for successful exploitation: Ubuntu: 1. iptables.ko ubuntu, iptableraw fedora has to b...
SUSE SLES12 Security Update : openssl (SUSE-SU-2016:2387-1)
This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low - Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 - Constant time flag no...
Matrimonial Website Script 1.0.2 - SQL Injection Vulnerability
Exploit for php platform in category web applications Application Name : Matrimonial Website Script v1.0.2 Google Dork : inurl:viewfullprofile1.php?id= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Author Contact : https://twitter.com/byn4tural Vendor Homepage :...
Matrimonial Website Script 1.0.2 - SQL Injection
Application Name : Matrimonial Website Script v1.0.2 Google Dork : inurl:viewfullprofile1.php?id= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Author Contact : https://twitter.com/byn4tural Vendor Homepage : http://www.i-netsolution.com/ Vulnerable Type : SQL Injection Date :...
LamaHub 0.0.6.2 - Remote Buffer Overflow
LamaHub 0.0.6.2 - Remote Buffer Overflow Exploit Title: LamaHub-0.0.6.2 BufferOverflow Date: 09/09/09 Exploit Author: Pi3rrot Vendor Homepage: http://lamahub.sourceforge.net/ Software Link: http://ovh.dl.sourceforge.net/sourceforge/lamahub/LamaHub-0.0.6.2.tar.gz Version: 0.0.6.2 Tested on: Debian...
UBUNTU-CVE-2016-5342
Heap-based buffer overflow in the wcnsswlanwrite function in drivers/net/wireless/wcnss/wcnsswlan.c in the wcnsswlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of...
CVE-2016-5342
Heap-based buffer overflow in the wcnsswlanwrite function in drivers/net/wireless/wcnss/wcnsswlan.c in the wcnsswlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of...
Debian DSA-3643-1 : kde4libs - security update
Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with '../' in the file paths. A remote attacker can take advantage of this flaw to overwrite files outside of the extraction folder, if a user is tricke...
A2SV - Auto Scanning to SSL Vulnerability
█████╗ ██████╗ ███████╗██╗ ██╗ ██╔══██╗╚════██╗██╔════╝██║ ██║ ███████║ █████╔╝███████╗██║ ██║ .o oOOOOOOOo ██╔══██║██╔═══╝ ╚════██║╚██╗ ██╔╝ OOOo Ob.OOOOOOOo O ██║ ██║███████╗███████║ ╚████╔╝ .adOOOOOOO OboO'''''''''' ╚═╝ ╚═╝╚══════╝╚══════╝ ╚═══╝ ''''''''''OO OOP.oOOOOOOOOOOO 'POOOOOOOOOOOo...