CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ThreatPost•added 2015/07/20 2:38 p.m.•11 views

Google Calls Proposed U.S. Wassenaar Rules 'Not Feasible'

As the clock winds down on the comment period for the United States government’s proposed implementation of the Wassenaar Arrangement export controls for intrusion software, Google officials say that the rules would have a “significant negative impact” on security research. The Department of...

0.7AI score

Exploits0References2

RedHat Linux•added 2015/07/17 8:6 a.m.•2 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

RedHat Linux•added 2015/07/17 8:4 a.m.•14 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

RedHat Linux•added 2015/07/17 8:3 a.m.•1 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

0day.today•added 2015/07/17 12:0 a.m.•26 views

WordPress WP Attachment Export 0.2.3 Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Title: Arbitrary File Download in WP Attachment Export Wordpress Plugin v0.2.3 Submitter: Nitin Venkatesh Product: WP Attachment Export Wordpress Plugin Product URL: https://wordpress.org/plugins/wp-attachment-export/ Vulnerability Type:...

7.1AI score

RedHat Linux•added 2015/07/15 12:37 p.m.•2 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

RedHat Linux•added 2015/07/15 12:35 p.m.•7 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

RedHat Linux•added 2015/07/15 12:1 p.m.•5 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

ThreatPost•added 2015/07/15 11:6 a.m.•10 views

Coalition of Security Companies Forms to Oppose Wassenaar Rules

A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The...

0.1AI score

Exploits0References1

Patchstack•added 2015/07/15 12:0 a.m.•8 views

WordPress Attachment Export Plugin <= 0.2.3 - Unauthenticated File Download

Because of this vulnerability, an unauthenticated user can download the XML data that holds all the details of attachments/posts on a Wordpress powered site. Solution Update the plugin...

1.7AI score

Exploits0References2Affected Software1

WPVulnDB•added 2015/07/15 12:0 a.m.•11 views

WP Attachment Export <= 0.2.3 - Unauthenticated File Download

The WP Attachment Export WordPress plugin was affected by an Unauthenticated File Download security vulnerability...

2.8AI score

Exploits0References3Affected Software1

Packet Storm•added 2015/07/15 12:0 a.m.•26 views

WordPress WP Attachment Export 0.2.3 Arbitrary File Download

Title: Arbitrary File Download in WP Attachment Export Wordpress Plugin v0.2.3 Submitter: Nitin Venkatesh Product: WP Attachment Export Wordpress Plugin Product URL: https://wordpress.org/plugins/wp-attachment-export/ Vulnerability Type: Arbitrary File Download Affected Versions: v0.2.3 Tested...

7.4AI score

0day.today•added 2015/07/14 12:0 a.m.•23 views

WordPress Image Export 1.1 Arbitrary File Download Vulnerability

WordPress Image Export plugin version 1.1 suffers from an arbitrary file download vulnerability. Title: Remote file download vulnerability in Wordpress Plugin image-export v1.1 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-01 Download Site: https://wordpress.org/plugins/image-export Vendor:...

7.2AI score

Packet Storm•added 2015/07/14 12:0 a.m.•20 views

WordPress Image Export 1.1 Arbitrary File Download

Title: Remote file download vulnerability in Wordpress Plugin image-export v1.1 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-01 Download Site: https://wordpress.org/plugins/image-export Vendor: www.1efthander.com Vendor Notified: 2015-07-05 Vendor Contact: https://twitter.com/1eftHander...

7AI score

Kitploit•added 2015/07/10 3:31 p.m.•75 views

Johnny - GUI for John the Ripper

Johnny is a cross-platform open-source GUI for the popular password cracker John the Ripper. Features 1. user could start, pause and resume attack though only one session is allowed globally, 2. all attack related options work, 3. all input file formats are supported pure hashes, pwdump, passwd,...

7.1AI score

exploitpack•added 2015/07/08 12:0 a.m.•27 views

Blueberry Express 5.9.0.3678 - Local Buffer Overflow (SEH)

Blueberry Express 5.9.0.3678 - Local Buffer Overflow SEH Document Title: =============== Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1535 Video:...

0.1AI score

Exploit DB•added 2015/07/08 12:0 a.m.•78 views

Blueberry Express 5.9.0.3678 - Local Buffer Overflow (SEH)

Document Title: =============== Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1535 Video: http://www.vulnerability-lab.com/getcontent.php?id=1537 Release Date: ============= 2015-06-29...

7.4AI score