8752 matches found
JDK: path traversal flaw in the Diagnostic Tooling Framework
The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java DTFJ IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0 does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882...
CVE-2018-8479
A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK...
CVE-2018-3679
Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges...
venturechest.ae XSS vulnerability
Open Bug Bounty ID: OBB-675809 Description| Value ---|--- Affected Website:| venturechest.ae Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Scrounger - Mobile Application Testing Toolkit
Scrounger - a person who borrows from or lives off others. There is no better description for this tool for two main reasons, the first is because this tool takes inspiration from many other tools that have already been published, the second reason is because it lives off mobile application's...
PEDA - Python Exploit Development Assistance For GDB
PEDA - Python Exploit Development Assistance for GDB Key Features: Enhance the display of gdb: colorize and display disassembly codes, registers, memory information during debugging. Add commands to support debugging and exploit development for a full list of commands use peda help: aslr --...
Inside MSRC: Sharing Our Story & Customer Tips
For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...
Akamai India's StandTall Program
Diversity and Inclusion is a mission-critical goal at Akamai. In support of this goal, the India Learning and Development team in collaboration with the Women's Forum India employee resource group, launched an initiative that aims to foster a culture of...
Spykeyboard - Keylogger Which Sends Us The Data To Our Gmail
This is a script which allows us to generate an undetectable keylogger which sends the captured keys to our gmail mail. Once we generated our keylogger in our kali linux we would have to pass the .py file to a windows machine to convert it to an .exe. The tool is under development. Install module...
GHSA-8H55-49JM-739X Directory Traversal in easyquick
Affected versions of easyquick resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...
Security Bulletin: Multiple vulnerabilities in IBM Cognos Business Intelligence affect Rational Reporting for Development Intelligence
Summary There are vulnerabilities in IBM® Cognos Business Intelligence, and the components it ships with, that are used by Rational Reporting for Development Intelligence RRDI. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition Version 7 that is used by IBM...
IBM SDK Directory Traversal Vulnerability
IBM SDK is a set of integrated toolkits for creating, discovering, invoking and testing Web services from IBM in the United States. A security vulnerability exists in IBM SDK Java Technology Edition versions 6.0, 7.0, and 8.0 that stems from the Diagnostic Tooling Framework for Java DTFJ not...
Security Competition Infrastructure Automation Framework: Laforge
Laforge enables rapid development of infrastructure for the purpose of information security competitions. Using a simple and intuitive configuration language, Laforge manages a dependency graph and state management and allows for highly productive remote collaboration. The Laforge engine uses a...
Resource-Counter - This Command Line Tool Counts The Number Of Resources In Different Categories Across Amazon Regions
This command line tool counts the number of resources in different categories across Amazon regions. This is a simple Python app that will count resources across different regions and display them on the command line. It first shows the dictionary of the results for the monitored services on a...
‘China’s MIT’ Linked to Espionage Campaign Against Alaska, Economic Partners
An extensive cyberespionage campaign was disclosed today, targeting high-value international and U.S. government agencies and companies and emanating from an IP address associated with Tsinghua University, colloquially known as “China’s MIT.” The actors have gone after a range of targets, includi...
DependencyCheck v3.3.1 - A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies
Dependency-Check is a Software Composition Analysis SCA tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration CPE identifier for a given dependency. If found, it will generat...
RouterSploit v3.3.0 - Exploitation Framework For Embedded Devices
The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...
The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...
The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...
The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...