Lucene search
K

8698 matches found

Cvelist
Cvelist
added 2015/07/22 10:0 a.m.19 views

CVE-2015-5464

The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging 1 crypto-user or 2 crypto-officer access to an HSM partition...

6.3AI score0.00434EPSS
Exploits0References1
CVE
CVE
added 2015/07/22 10:0 a.m.44 views

CVE-2015-5464

The CVE-2015-5464 entry concerns Gemalto SafeNet Luna HSM. The documented vulnerability allows remote authenticated users to bypass key-export restrictions by leveraging either crypto-user or crypto-officer access to an HSM partition. The core issue is a bypass of export controls within the HSM, ...

1.3CVSS6.5AI score0.00434EPSS
Exploits0References1Affected Software3
RedHat Linux
RedHat Linux
added 2015/07/21 10:32 a.m.36 views

Moderate: Red Hat Security Advisory: libreoffice security, bug fix, and enhancement update

Updated libreoffice packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

6.8CVSS7.1AI score0.07646EPSS
Exploits0References6
Metasploit
Metasploit
added 2015/07/20 5:13 p.m.40 views

WordPress All-in-One Migration Export

This module allows you to export Wordpress data such as the database, plugins, themes, uploaded files, etc via the All-in-One Migration plugin without authentication. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2015/07/20 2:38 p.m.11 views

Google Calls Proposed U.S. Wassenaar Rules 'Not Feasible'

As the clock winds down on the comment period for the United States government’s proposed implementation of the Wassenaar Arrangement export controls for intrusion software, Google officials say that the rules would have a “significant negative impact” on security research. The Department of...

0.7AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/07/17 8:6 a.m.5 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2015/07/17 8:4 a.m.16 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2015/07/17 8:3 a.m.3 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
0day.today
0day.today
added 2015/07/17 12:0 a.m.26 views

WordPress WP Attachment Export 0.2.3 Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Title: Arbitrary File Download in WP Attachment Export Wordpress Plugin v0.2.3 Submitter: Nitin Venkatesh Product: WP Attachment Export Wordpress Plugin Product URL: https://wordpress.org/plugins/wp-attachment-export/ Vulnerability Type:...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2015/07/15 12:37 p.m.4 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2015/07/15 12:35 p.m.8 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2015/07/15 12:1 p.m.7 views

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

4.3CVSS6.6AI score0.9986EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2015/07/15 11:6 a.m.10 views

Coalition of Security Companies Forms to Oppose Wassenaar Rules

A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The...

0.1AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2015/07/15 12:0 a.m.11 views

WP Attachment Export <= 0.2.3 - Unauthenticated File Download

The WP Attachment Export WordPress plugin was affected by an Unauthenticated File Download security vulnerability...

2.8AI score
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2015/07/15 12:0 a.m.26 views

WordPress WP Attachment Export 0.2.3 Arbitrary File Download

Title: Arbitrary File Download in WP Attachment Export Wordpress Plugin v0.2.3 Submitter: Nitin Venkatesh Product: WP Attachment Export Wordpress Plugin Product URL: https://wordpress.org/plugins/wp-attachment-export/ Vulnerability Type: Arbitrary File Download Affected Versions: v0.2.3 Tested...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2015/07/15 12:0 a.m.9 views

WordPress Attachment Export Plugin <= 0.2.3 - Unauthenticated File Download

Because of this vulnerability, an unauthenticated user can download the XML data that holds all the details of attachments/posts on a Wordpress powered site. Solution Update the plugin...

1.7AI score
Exploits0References2Affected Software1
0day.today
0day.today
added 2015/07/14 12:0 a.m.24 views

WordPress Image Export 1.1 Arbitrary File Download Vulnerability

WordPress Image Export plugin version 1.1 suffers from an arbitrary file download vulnerability. Title: Remote file download vulnerability in Wordpress Plugin image-export v1.1 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-01 Download Site: https://wordpress.org/plugins/image-export Vendor:...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2015/07/14 12:0 a.m.21 views

WordPress Image Export 1.1 Arbitrary File Download

Title: Remote file download vulnerability in Wordpress Plugin image-export v1.1 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-01 Download Site: https://wordpress.org/plugins/image-export Vendor: www.1efthander.com Vendor Notified: 2015-07-05 Vendor Contact: https://twitter.com/1eftHander...

7AI score
Exploits0
Kitploit
Kitploit
added 2015/07/10 3:31 p.m.75 views

Johnny - GUI for John the Ripper

Johnny is a cross-platform open-source GUI for the popular password cracker John the Ripper. Features 1. user could start, pause and resume attack though only one session is allowed globally, 2. all attack related options work, 3. all input file formats are supported pure hashes, pwdump, passwd,...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/07/08 12:0 a.m.78 views

Blueberry Express 5.9.0.3678 - Local Buffer Overflow (SEH)

Document Title: =============== Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1535 Video: http://www.vulnerability-lab.com/getcontent.php?id=1537 Release Date: ============= 2015-06-29...

7.4AI score
Exploits0
Rows per page
Query Builder