Lucene search
K

2594 matches found

Fedora
Fedora
added 2017/11/01 12:13 a.m.38 views

[SECURITY] Fedora 26 Update: glusterfs-3.10.6-4.fc26

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...

3.3CVSS1.3AI score0.00316EPSS
Exploits0
n0where
n0where
added 2017/10/31 5:45 a.m.18 views

A Managed Password Cracking Tool: GoCrack

FireEye’s Innovation and Custom Engineering ICE team released a tool called GoCrack that allows red teams to efficiently manage password cracking tasks across multiple GPU servers by providing an easy-to-use, web-based real-time UI to create, view, and manage tasks. Simply deploy a GoCrack server...

1.1AI score
Exploits0References3
n0where
n0where
added 2017/10/28 5:48 p.m.21 views

Distributed File Analysis Framework: Assemblyline

Assemblyline is a scalable distributed file analysis framework . It is designed to process millions of files per day but can also be installed on a single box. Canada’s electronic spy agency says it is taking the “unprecedented step” of releasing one of its own cyber defence tools to the public, ...

1.3AI score
Exploits0References4
n0where
n0where
added 2017/10/28 4:50 a.m.105 views

Fastest and Most Advanced Password Recovery Utility: Hashcat

hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enab...

Exploits0References1
Microsoft KB
Microsoft KB
added 2017/10/10 7:0 a.m.103 views

Description of the security update for SharePoint Enterprise Server 2016: October 10, 2017

Description of the security update for SharePoint Enterprise Server 2016: October 10, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, s...

9.3CVSS7.7AI score0.81627EPSS
Exploits3
Kitploit
Kitploit
added 2017/10/06 9:30 p.m.34 views

Nzyme - Collects 802.11 Management Frames And Sends Them To A Graylog Setup For Wifi Ids, Monitoring, And Incident Response

Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog Open Source log management setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode. Think about this like a long-term months or years...

6AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2017/10/05 12:0 a.m.6 views

Vulnerabilities include the browser of the event log, settings of distributed switches, and the content library of the management server for virtual infrastructure VMware vCenter Server, which allows attackers to access confidential information.

The vulnerability of the event log browser, distributed switch configuration settings, and the content library of the VMware vCenter Server management server is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to...

4CVSS7.2AI score0.01885EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2017/10/04 5:12 a.m.32 views

samba: SMB2 connections don't keep encryption across DFS redirects

A flaw was found in the way samba client used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack...

7.4CVSS7.3AI score0.04595EPSS
Exploits0References5
Fedora
Fedora
added 2017/09/28 11:56 p.m.38 views

[SECURITY] Fedora 25 Update: mercurial-3.8.1-4.fc25

Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Quick start: http://www.selenic.com/mercurial/wiki/index.cgi/QuickStart Tutorial: http://www.selenic.com/mercurial/wiki/index.cgi/Tutorial Extensions:...

10CVSS0.8AI score0.05734EPSS
Exploits1
Kitploit
Kitploit
added 2017/09/23 9:53 p.m.24 views

TCPCopy - A TCP Stream Replay Tool

TCPCopy is a TCP stream replay tool to support real testing of Internet server applications. Description Although the real live flow is important for the test of Internet server applications, it is hard to simulate it as online environments are too complex. To support more realistic testing of...

7.7AI score
Exploits0References4
OSV
OSV
added 2017/09/21 4:45 p.m.2 views

USN-3426-1 samba vulnerabilities

Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a machine-in-the-middle attack. CVE-2017-12150 Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote...

7.4CVSS6.7AI score0.13228EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/09/21 2:6 p.m.17 views

samba: SMB2 connections don't keep encryption across DFS redirects

A flaw was found in the way samba client used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack...

7.4CVSS7.3AI score0.04595EPSS
Exploits0References5
OSV
OSV
added 2017/09/20 12:0 a.m.3 views

UBUNTU-CVE-2017-12151

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the...

7.4CVSS7AI score0.04595EPSS
Exploits0References4
Akamai Blog
Akamai Blog
added 2017/09/18 3:44 p.m.47 views

Taking the Fight Where It Belongs

This Guest blog was written by Robert Mahowald, a Group Vice President at IDC who leads IDC's Worldwide Applications research practice, in addition to co-leading IDC's Cloud Services: Global Overview program. A surprising set of facts emerged from the most recent quarterly installment of IDC's...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2017/09/10 2:0 p.m.15 views

CrackLord - Queue and Resource System For Cracking Passwords

CrackLord is a system designed to provide a scalable, pluggable, and distributed system for both password cracking as well as any other jobs needing lots of computing resources. Better said, CrackLord is a way to load balance the resources, such as CPU, GPU, Network, etc. from multiple hardware...

7.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/09/05 12:0 a.m.45 views

Debian DSA-3963-1 : mercurial - security update

Several issues were discovered in Mercurial, a distributed revision control system. - CVE-2017-9462 fixed in stretch only Jonathan Claudius of Mozilla discovered that repositories served over stdio could be tricked into granting authorized users access to the Python debugger. - CVE-2017-1000115...

10CVSS7.2AI score0.21512EPSS
Exploits2References12
Fedora
Fedora
added 2017/08/29 3:20 p.m.45 views

[SECURITY] Fedora 26 Update: mercurial-4.2.3-1.fc26

Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Quick start: http://www.selenic.com/mercurial/wiki/index.cgi/QuickStart Tutorial: http://www.selenic.com/mercurial/wiki/index.cgi/Tutorial Extensions:...

10CVSS0.8AI score0.05734EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2017/08/23 9:17 a.m.4 views

OpenJDK: incorrect handling of references in DGC (RMI, 8163958)

It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...

9CVSS7.7AI score0.02971EPSS
Exploits0References4
OSV
OSV
added 2017/08/18 5:29 p.m.3 views

DEBIAN-CVE-2015-7945

The RESTful control interface aka RAPI or ganeti-rapi in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job resul...

7.5CVSS7.3AI score0.09356EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2017/08/18 5:46 a.m.87 views

USN-3396-1: OpenJDK 7 vulnerabilities

It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. CVE-2017-10053 It was discovered that the JAR verifier ...

9.6CVSS7.6AI score0.05034EPSS
Exploits0
Rows per page
Query Builder