Lucene search
K

4419 matches found

Kitploit
Kitploit
added 2020/02/24 11:30 a.m.233 views

Liffy - Local File Inclusion Exploitation Tool

LFI Exploitation tool A little python tool to perform Local file inclusion. Liffy v2.0 is the improved version of liffy which was originally created by rotlogix/liffy. The latter is no longer available and the former hasn't seen any development for a long time. Main feature data:// for code...

7.8AI score
Exploits0References5
NVD
NVD
added 2020/02/23 2:15 a.m.22 views

CVE-2020-9351

An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the transaction parameter, the server replies with a verbose error showing where the application resides the...

5.3CVSS5.5AI score0.01072EPSS
Exploits1References2
NVD
NVD
added 2020/02/23 2:15 a.m.22 views

CVE-2020-9352

An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...

9.8CVSS9.6AI score0.0189EPSS
Exploits1References3
Prion
Prion
added 2020/02/23 2:15 a.m.17 views

Integer overflow

An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...

7.5CVSS9.4AI score0.0189EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2020/02/23 2:15 a.m.20 views

Directory traversal

An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML...

5CVSS7.8AI score0.01508EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/02/23 12:0 a.m.24 views

CVE-2020-9353

An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML...

7.8AI score0.01508EPSS
Exploits1References2
Gitee
Gitee
added 2020/02/18 9:25 p.m.4 views

AFLplusplus

This is a code repository for AFLplusplus, a tool for fuzz testing and vulnerability discovery. The repository contains various files and directories related to the project, including configuration files, makefiles, and documentation. The repository is organized as follows: .clang-format is a...

7.1AI score
Exploits0
Fedora
Fedora
added 2020/02/14 1:12 a.m.30 views

[SECURITY] Fedora 30 Update: texlive-base-20180414-37.fc30

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

7.8CVSS2.1AI score0.01212EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/02/13 12:0 a.m.236 views

Amazon Linux AMI : python27, python35, python36 (ALAS-2020-1342)

The version of python27 installed on the remote host is prior to 2.7.16-1.131. The version of python35 installed on the remote host is prior to 3.5.7-1.25. The version of python36 installed on the remote host is prior to 3.6.10-1.16. It is, therefore, affected by a vulnerability as referenced in...

6.1CVSS7.1AI score0.04653EPSS
Exploits1References3
Fedora
Fedora
added 2020/02/08 2:5 a.m.44 views

[SECURITY] Fedora 31 Update: texlive-base-20190410-8.fc31

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

7.8CVSS2.1AI score0.01212EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/02/08 12:0 a.m.18 views

Fedora: Security Advisory for texlive-base (FEDORA-2020-bb5c663b83)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.7AI score0.01212EPSS
Exploits1References2
Circl
Circl
added 2020/02/06 12:0 a.m.15 views

CVE-2019-15977

creationtimestamp| type| source ---|---|--- 2020-02-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48020 2024-03-19 15:16:48+00:00| seen| https://t.me/ctinow/211577...

9.8CVSS7.6AI score0.3811EPSS
Exploits5References2
Photon
Photon
added 2020/02/05 12:0 a.m.41 views

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0271

An update of 'libxml2', 'xerces-c' packages of Photon OS has been released...

6.8CVSS0.9AI score0.09503EPSS
Exploits0
Photon
Photon
added 2020/02/05 12:0 a.m.29 views

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0270

An update of 'sqlite-autoconf' packages of Photon OS has been released...

5CVSS0.9AI score0.06997EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2020/02/04 3:15 p.m.28 views

CVE-2019-9674

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service resource consumption via a ZIP bomb...

7.5CVSS6.9AI score0.0549EPSS
Exploits0References8
Kitploit
Kitploit
added 2020/02/04 11:0 a.m.66 views

Nfstream - A Flexible Network Data Analysis Framework

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...

7.1AI score
Exploits0References3
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/02/04 7:36 a.m.65 views

Pen Testing Ships. A year in review

Partially driven by the upcoming inclusion of Cyber Security by the IMO International Maritime Organisation, 2019 was a really busy year for maritime security testing at PTP. What can we all learn from a year of evaluating the security of ships? We’ve been involved in all sorts of ship testing,...

2.1CVSS6.8AI score0.00301EPSS
Exploits0
Photon
Photon
added 2020/02/01 12:0 a.m.31 views

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0203

An update of 'libxml2' packages of Photon OS has been released...

5CVSS0.9AI score0.05515EPSS
Exploits0
Fedora
Fedora
added 2020/01/31 2:2 a.m.39 views

[SECURITY] Fedora 31 Update: python-pillow-6.2.2-1.fc31

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

9.8CVSS1.4AI score0.04212EPSS
Exploits0
0day.today
0day.today
added 2020/01/29 12:0 a.m.98 views

Centreon 19.10.5 - (centreontrapd) Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentO...

0.1AI score
Exploits0
Rows per page
Query Builder