Lucene search
K

8752 matches found

RedHat Linux
RedHat Linux
added 2018/09/17 2:54 p.m.5 views

JDK: path traversal flaw in the Diagnostic Tooling Framework

The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java DTFJ IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0 does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882...

7.4CVSS7.2AI score0.04513EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2018/09/13 12:29 a.m.3 views

CVE-2018-8479

A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK...

6.8CVSS5.5AI score0.02131EPSS
Exploits0References3
OSV
OSV
added 2018/09/12 7:29 p.m.5 views

CVE-2018-3679

Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges...

9.6CVSS5.9AI score0.0123EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/09/12 5:29 p.m.13 views

venturechest.ae XSS vulnerability

Open Bug Bounty ID: OBB-675809 Description| Value ---|--- Affected Website:| venturechest.ae Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Kitploit
Kitploit
added 2018/09/09 9:12 p.m.154 views

Scrounger - Mobile Application Testing Toolkit

Scrounger - a person who borrows from or lives off others. There is no better description for this tool for two main reasons, the first is because this tool takes inspiration from many other tools that have already been published, the second reason is because it lives off mobile application's...

7AI score
Exploits0References8
Kitploit
Kitploit
added 2018/09/08 1:20 p.m.242 views

PEDA - Python Exploit Development Assistance For GDB

PEDA - Python Exploit Development Assistance for GDB Key Features: Enhance the display of gdb: colorize and display disassembly codes, registers, memory information during debugging. Add commands to support debugging and exploit development for a full list of commands use peda help: aslr --...

7.5AI score
Exploits0References1
MSRC
MSRC
added 2018/09/07 4:6 p.m.52 views

Inside MSRC: Sharing Our Story & Customer Tips

For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...

7.5AI score
Exploits0
Akamai Blog
Akamai Blog
added 2018/09/06 4:0 a.m.14 views

Akamai India's StandTall Program

Diversity and Inclusion is a mission-critical goal at Akamai. In support of this goal, the India Learning and Development team in collaboration with the Women's Forum India employee resource group, launched an initiative that aims to foster a culture of...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2018/09/02 9:33 p.m.148 views

Spykeyboard - Keylogger Which Sends Us The Data To Our Gmail

This is a script which allows us to generate an undetectable keylogger which sends the captured keys to our gmail mail. Once we generated our keylogger in our kali linux we would have to pass the .py file to a windows machine to convert it to an .exe. The tool is under development. Install module...

7.1AI score
Exploits0References1
OSV
OSV
added 2018/08/29 11:21 p.m.12 views

GHSA-8H55-49JM-739X Directory Traversal in easyquick

Affected versions of easyquick resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

5.3CVSS5.1AI score0.01704EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/23 7:15 p.m.40 views

Security Bulletin: Multiple vulnerabilities in IBM Cognos Business Intelligence affect Rational Reporting for Development Intelligence

Summary There are vulnerabilities in IBM® Cognos Business Intelligence, and the components it ships with, that are used by Rational Reporting for Development Intelligence RRDI. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition Version 7 that is used by IBM...

9.8CVSS0.8AI score0.78675EPSS
Exploits11Affected Software1
CNVD
CNVD
added 2018/08/22 12:0 a.m.2 views

IBM SDK Directory Traversal Vulnerability

IBM SDK is a set of integrated toolkits for creating, discovering, invoking and testing Web services from IBM in the United States. A security vulnerability exists in IBM SDK Java Technology Edition versions 6.0, 7.0, and 8.0 that stems from the Diagnostic Tooling Framework for Java DTFJ not...

7.4CVSS7AI score0.04513EPSS
Exploits0References1
n0where
n0where
added 2018/08/21 4:53 p.m.17 views

Security Competition Infrastructure Automation Framework: Laforge

Laforge enables rapid development of infrastructure for the purpose of information security competitions. Using a simple and intuitive configuration language, Laforge manages a dependency graph and state management and allows for highly productive remote collaboration. The Laforge engine uses a...

Exploits0References1
Kitploit
Kitploit
added 2018/08/17 1:9 p.m.14 views

Resource-Counter - This Command Line Tool Counts The Number Of Resources In Different Categories Across Amazon Regions

This command line tool counts the number of resources in different categories across Amazon regions. This is a simple Python app that will count resources across different regions and display them on the command line. It first shows the dictionary of the results for the monitored services on a...

7.1AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/08/16 5:6 p.m.16 views

‘China’s MIT’ Linked to Espionage Campaign Against Alaska, Economic Partners

An extensive cyberespionage campaign was disclosed today, targeting high-value international and U.S. government agencies and companies and emanating from an IP address associated with Tsinghua University, colloquially known as “China’s MIT.” The actors have gone after a range of targets, includi...

0.2AI score
Exploits0References7
Kitploit
Kitploit
added 2018/08/14 12:54 p.m.25 views

DependencyCheck v3.3.1 - A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies

Dependency-Check is a Software Composition Analysis SCA tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration CPE identifier for a given dependency. If found, it will generat...

7.2AI score
Exploits0References6
Kitploit
Kitploit
added 2018/08/13 12:37 p.m.30 views

RouterSploit v3.3.0 - Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

7.6AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.9 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

8.5CVSS7.8AI score0.01489EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.5 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

8.5CVSS7.8AI score0.01769EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.6 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

8.5CVSS7.8AI score0.01769EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder