Lucene search
K

4423 matches found

Hacker One
Hacker One
added 2018/08/12 8:11 a.m.47 views

Ed: Physical Laptop Takeover

At 6:16PM of August 11th of 2018, during H1-702, right before the sand storm beat the shit out of the rooftop party, we managed to perform a critical attack on Ed's infrastructure. F332214 Report Summary During our analysis and reconnaissance of how Ed program worked during the h1-702 event, we...

7AI score
Exploits0
Fedora
Fedora
added 2018/08/09 4:53 p.m.44 views

[SECURITY] Fedora 27 Update: kernel-tools-4.17.12-100.fc27

This package contains the tools/ directory from the kernel source and the supporting documentation...

7.8CVSS1.9AI score0.00566EPSS
Exploits0
Fedora
Fedora
added 2018/08/08 4:11 p.m.49 views

[SECURITY] Fedora 28 Update: kernel-tools-4.17.12-200.fc28

This package contains the tools/ directory from the kernel source and the supporting documentation...

7.8CVSS1.9AI score0.00566EPSS
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/08/08 6:41 a.m.50 views

Tamper proofing review: the iZettle card payment terminal

Tamper resistance is an increasingly important factor in smart devices. Together with secure hardware design and defensive coding, it can deliver a very secure device. One of the most common areas the average consumer will encounter tamper resistant devices is in payment terminals, or Pin Entry...

6.7AI score
Exploits0
Fedora
Fedora
added 2018/08/07 1:19 a.m.29 views

[SECURITY] Fedora 28 Update: mailman-2.1.29-1.fc28

Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...

6.5CVSS0.4AI score0.02541EPSS
Exploits0
Hacker One
Hacker One
added 2018/08/06 11:41 a.m.28 views

Node.js third-party modules: Command Injection Vulnerability in win-fork/win-spawn Packages

I would like to report a command injection vulnerability in win-fork and win-spawn packages. It allows an attacker to inject multiple commands in exec-like manner. Module module name: win-spawn version: 2.0.0 npm page: https://www.npmjs.com/package/win-spawn npm page:...

0.8AI score
Exploits0
Photon
Photon
added 2018/08/02 12:0 a.m.42 views

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0170

An update of 'mysql' packages of Photon OS has been released...

5.5CVSS0.9AI score0.03683EPSS
Exploits0
n0where
n0where
added 2018/08/01 3:1 p.m.45 views

Advanced Man in the Middle Attack Framework: Evilginx

Evilginx is an attack framework for setting up phishing pages. Instead of serving templates of sign-in pages lookalikes, Evilginx becomes a relay between the real website and the phished user . Phished user interacts with the real website, while Evilginx captures all the data being transmitted...

0.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/07/30 12:0 a.m.32 views

FreeBSD : GIMP - Heap Buffer Overflow Vulnerability (bfda2d80-0858-11e8-ad5c-0021ccb9e74d)

GNOME reports : CVE-2017-17786 Out of bounds read / heap overflow in tga importer / function bgr2rgb.part.1 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors...

7.8CVSS6.3AI score0.01337EPSS
Exploits0References3
Kitploit
Kitploit
added 2018/07/29 10:46 p.m.17 views

WTF - A Personal Information Dashboard For Your Terminal

A personal terminal-based dashboard utility, designed for displaying infrequently-needed, but very important, daily data. Quick Start Download and run the latest binary or install from source: go get -u github.com/senorprogrammer/wtf cd $GOPATH/src/github.com/senorprogrammer/wtf make install make...

7.4AI score
Exploits0References2
Veeam
Veeam
added 2018/07/24 12:0 a.m.19 views

Notification Emails From Veeam Backup for Microsoft 365 Are Sent in an Unexpected Language

Challenge Email notifications sent by Veeam Backup for Microsoft 365 unexpectedly contain Chinese characters. Cause The issue is caused by an encoding conflict. By default, Veeam Backup for Microsoft 365 uses UTF-16 character encoding, and the problem appears under the following circumstances: Us...

5.8AI score
Exploits0Affected Software1
Fedora
Fedora
added 2018/07/23 9:24 p.m.31 views

[SECURITY] Fedora 28 Update: mailman-2.1.26-4.fc28

Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...

5.4CVSS0.4AI score0.02048EPSS
Exploits0
Kitploit
Kitploit
added 2018/07/21 10:30 p.m.28 views

Scout2 - Security Auditing Tool For AWS Environments

Scout2 is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout2 gathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout2 supplies a...

7.2AI score
Exploits0References3
Fedora
Fedora
added 2018/07/20 5:46 p.m.32 views

[SECURITY] Fedora 28 Update: rust-1.27.1-2.fc28

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

7.8CVSS2.5AI score0.01819EPSS
Exploits0
Fedora
Fedora
added 2018/07/20 4:59 p.m.32 views

[SECURITY] Fedora 27 Update: rust-1.27.1-2.fc27

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

7.8CVSS2.5AI score0.01819EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/17 3:0 p.m.52 views

5 ways to find and fix open source vulnerabilities

Guest post by Limor Wainstein A recent discovery of surreptitious execution of cryptomining code by a sandboxed app, riding piggyback on the open source software OSS ecosystem, raises pertinent questions about the security of open source code and its dependencies. Programmers often use OSS as a...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2018/07/16 9:53 p.m.26 views

LogonTracer - Investigate Malicious Windows Logon By Visualizing And Analyzing Windows Event Log

Investigate malicious logon by visualizing and analyzing Windows active directory event logs. Concept LogonTracer associates a host name or an IP address and account name found in logon-related events and displays it as a graph. This way, it is possible to see in which account login attempt occur...

7.3AI score
Exploits0References5
Circl
Circl
added 2018/07/13 12:0 a.m.15 views

CVE-2018-0708

creationtimestamp| type| source ---|---|--- 2018-07-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45015 2024-10-10 11:12:45+00:00| seen| https://t.me/CyberSecurityTechnologies/156...

9CVSS7.6AI score0.26329EPSS
Exploits5References2
Circl
Circl
added 2018/07/13 12:0 a.m.12 views

CVE-2018-12981

creationtimestamp| type| source ---|---|--- 2018-07-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45014...

5.4CVSS6.8AI score0.05175EPSS
Exploits6References1
Circl
Circl
added 2018/07/13 12:0 a.m.12 views

CVE-2018-0709

creationtimestamp| type| source ---|---|--- 2018-07-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45015...

9CVSS6.8AI score0.13616EPSS
Exploits5References1
Rows per page
Query Builder