Lucene search
+L

35 matches found

Kitploit
Kitploit
added 2020/11/30 8:30 p.m.52 views

GG-AESY - Hide Cool Stuff In Images

Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/ WARNING: you might need to restore NuGet packages and restart visual studio before compiling. If anyone knows how I can get rid of this problem, DM me. Manual To start off, I highly recommend to always use GG-AESY using verbose...

7.1AI score
Exploits0References1
OSV
OSV
added 2020/06/15 7:34 p.m.41 views

GHSA-2PPP-9496-P23Q Insufficient Entropy in Spring Security

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...

6.5CVSS6.4AI score0.01594EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2020/06/15 7:34 p.m.37 views

Insufficient Entropy in Spring Security

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...

6.5CVSS4.7AI score0.01594EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2020/05/15 1:1 a.m.23 views

Information Disclosure

spring-security-core is vulnerable to Information Disclosure. The vulnerability exists as it uses a fixed null initialization vector with CBC Mode for the queryable text encryptor rather than handling the null value passed to the function BCryptPasswordEncoder.encode, thereby allowing a user with...

6.5CVSS1.8AI score0.01594EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2020/05/14 6:15 p.m.46 views

CVE-2020-5408

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...

6.5CVSS6.7AI score0.01594EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/05/14 5:15 p.m.31 views

CVE-2020-5408 Dictionary attack with Spring Security queryable text encryptor

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...

6.6AI score0.01594EPSS
Exploits0References4
CVE
CVE
added 2020/05/14 5:15 p.m.131 views

CVE-2020-5408

CVE-2020-5408 (IBM) affects IBM Sterling Connect:Direct Web Services. A fixed null initialization vector in CBC mode for the queryable text encryptor may allow a dictionary attack to derive unencrypted values, exposing sensitive information. Remediation is via upgrading to supported fixes: IBM St...

6.5CVSS6.5AI score0.01594EPSS
Exploits0References4Affected Software2
Spring Security Advisories
Spring Security Advisories
added 2020/05/07 12:0 a.m.6 views

Dictionary attack with Spring Security queryable text encryptor

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...

6.5CVSS6.5AI score0.01594EPSS
Exploits0References1
OSV
OSV
added 2018/08/24 9:29 p.m.6 views

CVE-2018-15576

An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key...

8.1CVSS6.3AI score0.09675EPSS
Exploits5References2
OSV
OSV
added 2018/04/05 1:29 p.m.5 views

CVE-2018-1000147

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...

6.5CVSS5.8AI score0.00858EPSS
Exploits0References1
Kitploit
Kitploit
added 2018/03/30 8:39 p.m.347 views

B4Tm4N - PHP WEBSHELL

Features 0 File Manager 1 Sec. Info 2 Simply Database 3 Interactive terminal 4 PHP Reverse Back Connect 5 Run PHP Code 6 Custom Toolz 7 Self Script Encryptor ! Download B4Tm4N...

7.4AI score
Exploits0References1
securityvulns
securityvulns
added 2013/10/03 12:0 a.m.91 views

OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption

OWASP ESAPI for Java Security Advisory 1 The OWASP Foundation MAC Bypass in ESAPI Symmetric Encryption Summary ======= Category: Symmetric cryptography Module: ESAPI Encryptor interface Announced: 2013-08-23 via ESAPI-Dev mailing list...

2.6CVSS9AI score0.02426EPSS
Exploits1
Vulnerability Lab
Vulnerability Lab
added 2011/08/04 12:0 a.m.26 views

CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities

Document Title: =============== CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities Release Date: ============= 2011-08-04 Vulnerability Laboratory ID VL-ID: ==================================== 102 Product & Service Introduction: =============================== The PHP/HTML Encryptor & The...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2011/08/04 12:0 a.m.17 views

CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities

Document Title: =============== CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities Release Date: ============= 2011-08-04 Vulnerability Laboratory ID VL-ID: ==================================== 102 Product & Service Introduction: =============================== The PHP/HTML Encryptor & The...

0.4AI score
Exploits0
0day.today
0day.today
added 2008/12/09 12:0 a.m.16 views

linux x86 shellcode obfuscator

Exploit for linux/x86 platform in category shellcode ============================== linux x86 shellcode obfuscator ============================== / sm4x - 2008 = sm4x0rcist a7 gmail d07 com - sh3llc0der.c v0.1 beta - elf binary shellcode encryptor, NULL free for IDS payload bypassing - key is a...

7AI score
Exploits0
Rows per page
Query Builder