Lucene search
K

8752 matches found

Kitploit
Kitploit
added 2018/12/24 8:31 p.m.99 views

PA Toolkit - A Collection Of Traffic Analysis Plugins Focused On Security

PA Toolkit is a collection of traffic analysis plugins to extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to the macro analyzer and threat hunter. PA Toolkit contains plugins both dissectors and taps covering various scenarios for multiple protocols,...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2018/12/20 12:0 a.m.3 views

Buffer Overflow Vulnerability in Hikvision Video Playback Library SDK

Hikvision Playback Library SDK is a secondary development kit related to playback of Hikvision embedded network DVRs, video servers, and supporting products for IP devices. A buffer overflow vulnerability exists in the Hikvision Video Playback Library SDK. An attacker can exploit the vulnerabilit...

7.7AI score
Exploits0
CNVD
CNVD
added 2018/12/20 12:0 a.m.5 views

Zhejiang Dahua Playback Library SDK suffers from denial-of-service vulnerability (CNVD-2019-00117)

Playback Library SDK is a development kit based on Dahua's private code stream encapsulation protocol developed to serve network DVRs, network video servers, network cameras, network dome cameras, intelligent devices and other products. A denial of service vulnerability exists in the Zhejiang Dah...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.3 views

PT-2023-16570 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac/gpac versions prior to 2.3.0-DEV Description: A Heap-based Buffer Overflow issue has been identified. The estimated number of potentially affected devices and details about real-world incidents are not provided. Recommendations: For...

9.8CVSS7.9AI score0.04615EPSS
Exploits150References372
RedHat Linux
RedHat Linux
added 2018/12/18 3:51 p.m.5 views

OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3CVSS7.3AI score0.07EPSS
Exploits0References4
Vulnerability Lab
Vulnerability Lab
added 2018/12/17 12:0 a.m.118 views

NetChat v7.8 - Persistent Cross Site Scripting Vulnerability

Document Title: =============== NetChat v7.8 - Persistent Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2171 Video: https://www.vulnerability-lab.com/getcontent.php?id=2174...

3.5CVSS5.6AI score0.00515EPSS
Exploits2
CNVD
CNVD
added 2018/12/12 12:0 a.m.2 views

SQL Injection Vulnerability in Fully Graphical Application Development Environment V2010

The full graphical application system development environment is developed by Jiangsu Lianbang Information Technology Co., Ltd. and is mainly used in the government, education industry, medical industry website. A SQL injection vulnerability exists in Full Graphical Application Development...

7.9AI score
Exploits0
Kitploit
Kitploit
added 2018/12/11 11:39 a.m.79 views

DevAudit - Open-source, Cross-Platform, Multi-Purpose Security Auditing Tool

DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array of auditing capabilities that automate...

7.5AI score
Exploits0References30
Imperva Blog
Imperva Blog
added 2018/12/04 2:45 p.m.47 views

Hey Belfast, Imperva’s Moving Into The Neighborhood

As a local, I’m very excited to be Imperva’s first Belfast hire, in charge of spinning up the operation in our new European location. Imperva provides best-in-class data and application security solutions on premises, in the cloud, and in hybrid environments. As we position ourselves for the next...

1.1AI score
Exploits0
ThreatPost
ThreatPost
added 2018/11/30 2:30 p.m.16 views

Newsmaker Interview: Katie Moussouris on Improving Bug Bounty Programs

Bug bounty programs continue to increase in popularity – but that popularity has its downsides. Since the launch of the Hack the Pentagon program in 2016, bug bounty programs have quickly grown in popularity. Bugcrowd’s State of Bug Bounty report this year found that the number of programs launch...

7.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/11/27 7:55 p.m.18 views

Cheetah Mobile Blames SDKs for Rampant Ad Fraud in Its Android Apps

Cheetah Mobile is finding itself in a swirl of media attention after being accused of developing mobile apps that contain deliberate ad fraud features. But the mobile giant says it didn’t do it. The Chinese developer, which is listed as a top provider in Google Play’s tool app category, offers...

Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/11/26 12:0 a.m.15 views

openSUSE Security Update : libwpd (openSUSE-2018-1463)

This update for libwpd fixes the following issues : Security issue fixed : - CVE-2018-19208: illegal address access inside libwpd at function WP6ContentListener:defineTable bsc1115713. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network...

6.5CVSS5.8AI score0.01488EPSS
Exploits1References2
Kitploit
Kitploit
added 2018/11/23 12:43 p.m.37 views

Sheepl - Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments

Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments Introduction There are lots of resources available online relating to how you can build AD network environments for the development of blue team and red team tradecraft. However the current...

6.8AI score
Exploits0References1
n0where
n0where
added 2018/11/21 6:9 p.m.101 views

Investigate Inline Hooks: PE-sieve

PE-sieve is a light-weight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. Recognizes and dumps variety of implants within the scanned process: replaced/injected PEs, shellcodes, hooks, and other in-memory...

2.2AI score
Exploits0References1
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2018/11/19 12:0 a.m.27 views

Stable Channel Update for Desktop

The stable channel has been updated to 70.0.3538.110 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The...

8.8CVSS8.7AI score0.00895EPSS
Exploits0Affected Software1
myhack58
myhack58
added 2018/11/18 12:0 a.m.278 views

VirtualBox virtual machine latest escape vulnerability E1000 0day detailed analysis of under-vulnerability warning-the black bar safety net

Recently, Russian security researcher Sergey Zelenyuk released for VirtualBox 5.2.20 early version of the zero-day exploit detailed information, these versions can allow an attacker to escape the virtual machine and executed on the host RING 3-layer code. Then, the attacker can take advantage of...

1.1AI score
Exploits0
Kitploit
Kitploit
added 2018/11/17 1:13 p.m.76 views

Pacu - The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...

7.5AI score
Exploits0References7
Qualys Blog
Qualys Blog
added 2018/11/17 12:11 a.m.67 views

QSC18: API Security, Enabling Innovation Without Enabling Attacks and Data Breaches

Without APIs, it would be near impossible to see enterprises being able to digitally transform themselves. After all, APIs are the connective-tissue between applications and systems and they make the management, automation and consumption of technology possible at scale. APIs are what enable...

7.8AI score
Exploits0
Kaspersky
Kaspersky
added 2018/11/13 12:0 a.m.366 views

KLA11358 Multiple vulnerabilities in Microsoft Development Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft PowerShell can be exploited...

9.8CVSS8.7AI score0.2264EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2018/11/08 3:53 p.m.5 views

JBoss/WildFly: iiop does not honour strict transport confidentiality

The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connections:...

5.9CVSS5.8AI score0.01112EPSS
Exploits0References4
Rows per page
Query Builder