725 matches found
CVE-2017-17910
On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to obtain the encrypted packet and the 32-bit serial number. The intercepti...
Red-Gate SQL Monitor 3.10 4.2 - Authentication Bypass
Red-Gate SQL Monitor 3.10 4.2 - Authentication Bypass Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before thi...
Red-Gate SQL Monitor < 3.10/4.2 - Authentication Bypass Vulnerability
Exploit for windows platform in category web applications Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before...
Red-Gate SQL Monitor Authentication Bypass
Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before this exploit was published Vendor Advisory:...
Red-Gate SQL Monitor < 3.10 / 4.2 - Authentication Bypass
Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before this exploit was published Vendor Advisory:...
Oracle golden gate critical vulnerability analysis-vulnerability warning-the black bar safety net
In this article, we will once again prove over-reliance on automation tool will allow people to ignore off a lot of potential danger, at the same time, we will also discuss some of the relevant Oracle Golden Gate technical level of the important weaknesses vulnerability, and to show you yet anoth...
Terror Exploit Kit Evolves Into Larger Threat
The relatively new Terror exploit kit is bucking the downward trend in the EK market, and is steadily evolving into more of a threat. Researchers at Cisco Talos said Terror has abandoned an early strategy that included “carpet-bombing” a target’s browser to one that now uses exploits that precise...
Locky, Cerber Ransomware Skilled at Avoiding Detection
The latest versions of Cerber and Locky ransomware have been, since mid-January, finding great success in bypassing existing security detection systems through the use of a common infrastructure that allows the malicious code to bury itself inside NSIS installers, and use several layers of...
HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net
For this training of the research study will kernel vulnerability principle, the use of the way, under Windows many common data structures have a preliminary understanding, from the open Ring0 gate. HEVD project address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver For the kernel...
autovpn - Easily connect to a VPN in a country of your choice
autovpn is a tool to automatically connect you to a random VPN in a country of your choice. It uses openvpn to connect you to a server obtained from VPN Gate. Compiling First clone the repo and cd into the directory: $ git clone https://github.com/adtac/autovpn $ cd autovpn Then run this to...
x86: Mishandling of SYSCALL singlestep during emulation
ISSUE DESCRIPTION The typical behaviour of singlestepping exceptions is determined at the start of the instruction, with a DB trap being raised at the end of the instruction. SYSCALL and SYSRET, although we don't implement it behave differently because the typical behaviour allows userspace to...
Command Execution Vulnerability in China_gate_edit_op.php, the Security Isolation Gateway of Beijing Yuanwei Software Co.
Beijing Yuanwei Software Co., Ltd. security isolation gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. A command execution vulnerability exists in chinagateeditop.php, the security isolation gateway of Beijing...
Command Execution Vulnerability in the Security Isolation Gateway china_gate_add_op.php at Beijing Yuanwei Software Co.
Beijing Yuanwei Software Co., Ltd. security isolation gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. A command execution vulnerability exists in chinagateaddop.php, the security isolation gateway of Beijing...
Schneider Electric Magelis HMI Advanced Panel denial of service vulnerability (PanelShock)
IMPROPER IMPLEMENTATION OF HTTP GET REQUEST CVE-2016-8367 / SVE-82003201 The timeout value for closing an HTTP client's requests in the Web Gate service is too long and allows a malicious attacker to open multiple connections to the targeted web server and keep them open for as long as possible b...
gate-wear.com XSS vulnerability
Vulnerable URL: http://www.gate-wear.com/man/sweatshirts/sweatshirt-cardigan-with-hood?color=48=category%22%3E%3CScRiPt%3Eprompt/OPENBUGBOUNTY/;%3C/ScRiPt%3E Details: Description| Value ---|--- Patched:| Yes, at 15.04.2017 Latest check for patch:| 15.04.2017 18:34 GMT Vulnerability type:| XSS...
gate-to-richness.com XSS vulnerability
Vulnerable URL: https://www.gate-to-richness.com/lp-zulander-hack/?coc=%3C/script/%22--%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...
OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS
OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS Vulnerability Vendor: Innovation Gate GmbH Product web page: https://www.openwga.com Affected version: OpenWGA Content Manager 7.1.9 Build 230 OpenWGA Admin Client 7.1.7 Build 82 OpenWGA Server 7.1.9 Maintenance Release Build 642 Summary:...
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution
Summary The OpenWGA Developer Studio packages an OpenWGA CMS server together with all necessary development and deployment tools to create, develop, deploy, share and maintain your OpenWGA CMS applications. Description The application suffers from an arbitrary code execution vulnerability when...
OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS Vulnerability
Summary OpenWGA is an advanced open source java based enterprise CMS platform featuring real WYSIWYG, a state of the art CMS IDE and more. Description OpenWGA suffers from a cross-site scripting vulnerability when input passed via the User-Agent HTTP header is not properly sanitized before being...
Certifi-gate Scanner - Exported components, External URLs, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application Certifi-gate Scanner published at the 'play' market has multiple vulnerabilities...