Lucene search
K

740 matches found

myhack58
myhack58
added 2017/07/08 12:0 a.m.140 views

Oracle golden gate critical vulnerability analysis-vulnerability warning-the black bar safety net

In this article, we will once again prove over-reliance on automation tool will allow people to ignore off a lot of potential danger, at the same time, we will also discuss some of the relevant Oracle Golden Gate technical level of the important weaknesses vulnerability, and to show you yet anoth...

10CVSS7.3AI score0.06833EPSS
Exploits1
ThreatPost
ThreatPost
added 2017/05/19 2:22 p.m.49 views

Terror Exploit Kit Evolves Into Larger Threat

The relatively new Terror exploit kit is bucking the downward trend in the EK market, and is steadily evolving into more of a threat. Researchers at Cisco Talos said Terror has abandoned an early strategy that included “carpet-bombing” a target’s browser to one that now uses exploits that precise...

9.3CVSS8.1AI score0.74096EPSS
Exploits9References4
ThreatPost
ThreatPost
added 2017/03/21 1:11 p.m.14 views

Locky, Cerber Ransomware Skilled at Avoiding Detection

The latest versions of Cerber and Locky ransomware have been, since mid-January, finding great success in bypassing existing security detection systems through the use of a common infrastructure that allows the malicious code to bury itself inside NSIS installers, and use several layers of...

2.6AI score
Exploits0References1
myhack58
myhack58
added 2017/03/01 12:0 a.m.482 views

HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net

For this training of the research study will kernel vulnerability principle, the use of the way, under Windows many common data structures have a preliminary understanding, from the open Ring0 gate. HEVD project address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver For the kernel...

7.2CVSS7.7AI score0.87042EPSS
Exploits23
Kitploit
Kitploit
added 2017/02/07 2:0 p.m.28 views

autovpn - Easily connect to a VPN in a country of your choice

autovpn is a tool to automatically connect you to a random VPN in a country of your choice. It uses openvpn to connect you to a server obtained from VPN Gate. Compiling First clone the repo and cd into the directory: $ git clone https://github.com/adtac/autovpn $ cd autovpn Then run this to...

7.2AI score
Exploits0References1
Xen Project
Xen Project
added 2016/12/19 3:37 p.m.56 views

x86: Mishandling of SYSCALL singlestep during emulation

ISSUE DESCRIPTION The typical behaviour of singlestepping exceptions is determined at the start of the instruction, with a DB trap being raised at the end of the instruction. SYSCALL and SYSRET, although we don't implement it behave differently because the typical behaviour allows userspace to...

7.8CVSS0.9AI score0.00424EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2016/11/11 12:0 a.m.4 views

Command Execution Vulnerability in China_gate_edit_op.php, the Security Isolation Gateway of Beijing Yuanwei Software Co.

Beijing Yuanwei Software Co., Ltd. security isolation gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. A command execution vulnerability exists in chinagateeditop.php, the security isolation gateway of Beijing...

7.5AI score
Exploits0References1
CNVD
CNVD
added 2016/11/11 12:0 a.m.2 views

Command Execution Vulnerability in the Security Isolation Gateway china_gate_add_op.php at Beijing Yuanwei Software Co.

Beijing Yuanwei Software Co., Ltd. security isolation gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. A command execution vulnerability exists in chinagateaddop.php, the security isolation gateway of Beijing...

7.5AI score
Exploits0References1
seebug.org
seebug.org
added 2016/11/02 12:0 a.m.59 views

Schneider Electric Magelis HMI Advanced Panel denial of service vulnerability (PanelShock)

IMPROPER IMPLEMENTATION OF HTTP GET REQUEST CVE-2016-8367 / SVE-82003201 The timeout value for closing an HTTP client's requests in the Web Gate service is too long and allows a malicious attacker to open multiple connections to the targeted web server and keep them open for as long as possible b...

7.8CVSS6.2AI score0.04301EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2016/09/22 2:59 p.m.11 views

gate-wear.com XSS vulnerability

Vulnerable URL: http://www.gate-wear.com/man/sweatshirts/sweatshirt-cardigan-with-hood?color=48=category%22%3E%3CScRiPt%3Eprompt/OPENBUGBOUNTY/;%3C/ScRiPt%3E Details: Description| Value ---|--- Patched:| Yes, at 15.04.2017 Latest check for patch:| 15.04.2017 18:34 GMT Vulnerability type:| XSS...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/09/08 6:17 a.m.9 views

gate-to-richness.com XSS vulnerability

Vulnerable URL: https://www.gate-to-richness.com/lp-zulander-hack/?coc=%3C/script/%22--%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...

6.2AI score
Exploits0
Packet Storm
Packet Storm
added 2016/04/13 12:0 a.m.51 views

OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS

OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS Vulnerability Vendor: Innovation Gate GmbH Product web page: https://www.openwga.com Affected version: OpenWGA Content Manager 7.1.9 Build 230 OpenWGA Admin Client 7.1.7 Build 82 OpenWGA Server 7.1.9 Maintenance Release Build 642 Summary:...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2016/04/13 12:0 a.m.38 views

OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution

Summary The OpenWGA Developer Studio packages an OpenWGA CMS server together with all necessary development and deployment tools to create, develop, deploy, share and maintain your OpenWGA CMS applications. Description The application suffers from an arbitrary code execution vulnerability when...

6.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2016/04/13 12:0 a.m.69 views

OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS Vulnerability

Summary OpenWGA is an advanced open source java based enterprise CMS platform featuring real WYSIWYG, a state of the art CMS IDE and more. Description OpenWGA suffers from a cross-site scripting vulnerability when input passed via the User-Agent HTTP header is not properly sanitized before being...

6AI score
Exploits0
hackapp
hackapp
added 2016/04/01 8:52 a.m.17 views

Certifi-gate Scanner - Exported components, External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Certifi-gate Scanner published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2016/02/18 10:30 p.m.37 views

PyScan-Scanner - Vulnerability Scanner With Custom Payload

REQUIRE urllib2 BeautifulSoup requests START Change database information $bdd = new PDO'mysql:host=localhost;dbname=pyscan', 'user', 'password'; Update a Python gate panelurl = "http://localhost/pyscan/" gatescraper = "cmd/gate.php" gatescanner = "cmd/scan.php" gatevuln = "cmd/vuln.php" gatepaylo...

6.9AI score
Exploits0References1
OSV
OSV
added 2016/01/21 3:0 a.m.2 views

CVE-2016-0452

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-0451...

5.8AI score0.05941EPSS
Exploits0References3
OSV
OSV
added 2016/01/21 3:0 a.m.4 views

CVE-2016-0451

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-0452...

10CVSS5.8AI score0.06833EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2016/01/20 2:32 p.m.12 views

January 2016 Oracle Critical Patch Update 248 Patches

Oracle’s quarterly Critical Patch Updates CPU are known for their daunting volume, usually a disproportionately big number of fixes that database and system administrators have to deal with every three months. Yesterday’s CPU, however, takes the cake. Oracle pushed out the door a record 248 patch...

0.3AI score
Exploits0References5
The Hacker News
The Hacker News
added 2015/11/25 11:24 p.m.11 views

Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

Beware Internet Users! Cryptowall 4.0 – the newest version of the world's worst Ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers. Ransomware threat has emerged as one of the biggest threats to...

6.7AI score
Exploits0
Rows per page
Query Builder