Lucene search
+L

358 matches found

Exploit DB
Exploit DB
added 2017/03/24 12:0 a.m.94 views

Netgear WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'time' class MetasploitModule 'NETGEAR WNR2000v5 Unauthenticated hiddenlangavi Stack Overflow', 'Description' = %q The NETGEAR WNR2000 router h...

10CVSS7.4AI score0.8345EPSS
Exploits6
Hacker One
Hacker One
added 2017/03/16 3:41 p.m.33 views

Phabricator: Differential "Show Raw File" feature exposes generated files to unauthorised users

Summary: In certain circumstances, a user or mongoose can see a file from a diff they should not be able to see due to a policy. Preface: We are an app agency using a private Phabricator instance to manage projects. This issue prevents us from allowing clients to access our instance as they would...

7AI score
Exploits0
n0where
n0where
added 2016/11/14 5:57 a.m.25 views

Auditing Web Applications Firewalls: LightBulb

Auditing Web Applications Firewalls LightBulb is an open source python framework for auditing web applications firewalls Web Applications Firewalls WAFs are fundamental building blocks of modern application security. For example, the PCI standard for organizations handling credit card transaction...

6.5AI score
Exploits0References1
Citrix
Citrix
added 2016/10/27 12:0 a.m.6 views

Unable to Delete Differential Disks from LVM and ext3 Storages with Error Displayed on XenCenter

Unable to delete differential disks from Logical Volume Manager LVM or ext3 storages. The error message is displayed on XenCenter as "Vdidelete: EXCEPTION SR.SROSError, Failed to mark VDI hidden opterr=error 22 or attempt to mark VDI as hidden failed."...

7.1AI score
Exploits0
n0where
n0where
added 2016/03/21 4:3 a.m.48 views

Binary Analysis IDE: BinDiff

BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...

0.6AI score
Exploits0References1
Fedora
Fedora
added 2016/02/23 7:50 p.m.30 views

[SECURITY] Fedora 22 Update: octave-3.8.2-19.fc22

GNU Octave is a high-level language, primarily intended for numerical computations. It provides a convenient command line interface for solving linear and nonlinear problems numerically, and for performing other numerical experiments using a language that is mostly compatible with Matlab. It may...

5.5CVSS3.1AI score0.01541EPSS
Exploits0
Kitploit
Kitploit
added 2016/01/04 10:50 p.m.24 views

Vuvuzela - Private Messaging System That Hides Metadata

Vuvuzela is a messaging system that protects the privacy of message contents and message metadata. Users communicating through Vuvuzela do not reveal who they are talking to, even in the presence of powerful nation-state adversaries. Our SOSP 2015 paper explains the system, its threat model,...

7.2AI score
Exploits0References2
n0where
n0where
added 2015/12/10 11:28 p.m.20 views

Private Messaging System: Vuvuzela

Vuvuzela is a messaging system that protects the privacy of message contents and message metadata. Users communicating through Vuvuzela do not reveal who they are talking to, even in the presence of powerful nation-state adversaries. Vuvuzela is the first system that provides strong metadata...

1.1AI score
Exploits0References1
ICS
ICS
added 2015/11/20 7:0 a.m.119 views

Yokogawa HART Device DTM Vulnerability

OVERVIEW Alexander Bolshev of Digital Security has identified an improper input vulnerability in the CodeWrights GmbH HART Device Type Manager DTM library utilized in Yokogawa’s HART Device DTM. CodeWrights GmbH has addressed the vulnerability with a new library, which both companies have begun t...

2.1CVSS6.7AI score0.00374EPSS
Exploits0References10
CNVD
CNVD
added 2015/09/01 12:0 a.m.6 views

Type74 ED Sensitive Information Disclosure Vulnerability

Type74 ED is a set of file encryption tools. A security vulnerability exists in Type74 ED versions prior to 4.0, which can be exploited to obtain plaintext data by differential cryptanalysis of files with an initial length of less than 128 bits...

2.6CVSS7.5AI score0.00695EPSS
Exploits0References1
OSV
OSV
added 2015/08/28 3:59 p.m.11 views

AZL-34660 CVE-2015-2987 affecting package ed for versions less than 1.20-1

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits...

2.6CVSS7.1AI score0.00695EPSS
Exploits0References1
CVE
CVE
added 2015/08/28 2:0 p.m.59 views

CVE-2015-2987

The CVE-2015-2987 issue affects Type74 ED before 4.0, where 128-bit ECB is misused for small files, enabling plaintext exposure via differential cryptanalysis when the file’s original length is

2.6CVSS6.4AI score0.00695EPSS
Exploits0References4Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/08/27 6:3 a.m.8 views

File Encryption Software "ED" where encrypted data may be easier to decipher when files of small size are encrypted

Overview File encyption software "ED" contains an issue when files of small size are encyrpted, they may become easier to decipher in comparison to when files of a larger size are encrypted. When encrypting small files that are smaller than the block size 128 bits, file encryption software "ED"...

2.6CVSS6.5AI score0.00695EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2014/10/31 10:30 a.m.7 views

Google Working on Tool to Gather Stats While Preserving Privacy

Google is working on a new system that enables the company to collect randomized information about the way that users are affected by unwanted software on their machines, without gathering identifying data about the users. The system is known as RAPPOR Randomized Aggregatable Privacy-Preserving...

0.7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2009/06/11 5:40 p.m.13 views

New attack produces quicker SHA-1 collisions

From The H Security Australian researchers have described a new and faster way of provoking collisions of the SHA-1 hash algorithm. With their method, a collision can be found using only 252 attempts. This makes practical attacks feasible and could have an impact on the medium-term use of the...

2.9AI score
Exploits0References3
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.17 views

Fedora Update for dar FEDORA-2007-0904

Check for the Version of dar OpenVAS Vulnerability Test Fedora Update for dar FEDORA-2007-0904 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

5CVSS6.6AI score0.0176EPSS
Exploits0References2
Fedora
Fedora
added 2007/07/05 7:24 p.m.38 views

[SECURITY] Fedora 7 Update: dar-2.3.4-1.fc7

DAR is a command line tool to backup a directory tree and files. DAR is able to make differential backups, split them over a set of disks or files of a given size, use compression, filter files or subtrees to be saved or not saved, directly access and restore given files. DAR is also able to hand...

5CVSS0.4AI score0.0176EPSS
Exploits0
myhack58
myhack58
added 2005/10/01 12:0 a.m.21 views

db_owner permissions to give the webshell two point improvement - - the vulnerability warning-the black bar safety net

| the dbowner permissions to give the webshell two point improvement | ---|--- Reduce backup file size, the resulting executable webshell success rate improved a lot The use of a differential backup Adding a parameter WITH DIFFERENTIAL declare @a sysname,@s nvarchar4 0 0 0 select...

1.6AI score
Exploits0
Rows per page
Query Builder