740 matches found
Oracle golden gate critical vulnerability analysis-vulnerability warning-the black bar safety net
In this article, we will once again prove over-reliance on automation tool will allow people to ignore off a lot of potential danger, at the same time, we will also discuss some of the relevant Oracle Golden Gate technical level of the important weaknesses vulnerability, and to show you yet anoth...
Terror Exploit Kit Evolves Into Larger Threat
The relatively new Terror exploit kit is bucking the downward trend in the EK market, and is steadily evolving into more of a threat. Researchers at Cisco Talos said Terror has abandoned an early strategy that included “carpet-bombing” a target’s browser to one that now uses exploits that precise...
Locky, Cerber Ransomware Skilled at Avoiding Detection
The latest versions of Cerber and Locky ransomware have been, since mid-January, finding great success in bypassing existing security detection systems through the use of a common infrastructure that allows the malicious code to bury itself inside NSIS installers, and use several layers of...
HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net
For this training of the research study will kernel vulnerability principle, the use of the way, under Windows many common data structures have a preliminary understanding, from the open Ring0 gate. HEVD project address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver For the kernel...
autovpn - Easily connect to a VPN in a country of your choice
autovpn is a tool to automatically connect you to a random VPN in a country of your choice. It uses openvpn to connect you to a server obtained from VPN Gate. Compiling First clone the repo and cd into the directory: $ git clone https://github.com/adtac/autovpn $ cd autovpn Then run this to...
x86: Mishandling of SYSCALL singlestep during emulation
ISSUE DESCRIPTION The typical behaviour of singlestepping exceptions is determined at the start of the instruction, with a DB trap being raised at the end of the instruction. SYSCALL and SYSRET, although we don't implement it behave differently because the typical behaviour allows userspace to...
Command Execution Vulnerability in China_gate_edit_op.php, the Security Isolation Gateway of Beijing Yuanwei Software Co.
Beijing Yuanwei Software Co., Ltd. security isolation gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. A command execution vulnerability exists in chinagateeditop.php, the security isolation gateway of Beijing...
Command Execution Vulnerability in the Security Isolation Gateway china_gate_add_op.php at Beijing Yuanwei Software Co.
Beijing Yuanwei Software Co., Ltd. security isolation gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. A command execution vulnerability exists in chinagateaddop.php, the security isolation gateway of Beijing...
Schneider Electric Magelis HMI Advanced Panel denial of service vulnerability (PanelShock)
IMPROPER IMPLEMENTATION OF HTTP GET REQUEST CVE-2016-8367 / SVE-82003201 The timeout value for closing an HTTP client's requests in the Web Gate service is too long and allows a malicious attacker to open multiple connections to the targeted web server and keep them open for as long as possible b...
gate-wear.com XSS vulnerability
Vulnerable URL: http://www.gate-wear.com/man/sweatshirts/sweatshirt-cardigan-with-hood?color=48=category%22%3E%3CScRiPt%3Eprompt/OPENBUGBOUNTY/;%3C/ScRiPt%3E Details: Description| Value ---|--- Patched:| Yes, at 15.04.2017 Latest check for patch:| 15.04.2017 18:34 GMT Vulnerability type:| XSS...
gate-to-richness.com XSS vulnerability
Vulnerable URL: https://www.gate-to-richness.com/lp-zulander-hack/?coc=%3C/script/%22--%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...
OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS
OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS Vulnerability Vendor: Innovation Gate GmbH Product web page: https://www.openwga.com Affected version: OpenWGA Content Manager 7.1.9 Build 230 OpenWGA Admin Client 7.1.7 Build 82 OpenWGA Server 7.1.9 Maintenance Release Build 642 Summary:...
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution
Summary The OpenWGA Developer Studio packages an OpenWGA CMS server together with all necessary development and deployment tools to create, develop, deploy, share and maintain your OpenWGA CMS applications. Description The application suffers from an arbitrary code execution vulnerability when...
OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS Vulnerability
Summary OpenWGA is an advanced open source java based enterprise CMS platform featuring real WYSIWYG, a state of the art CMS IDE and more. Description OpenWGA suffers from a cross-site scripting vulnerability when input passed via the User-Agent HTTP header is not properly sanitized before being...
Certifi-gate Scanner - Exported components, External URLs, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application Certifi-gate Scanner published at the 'play' market has multiple vulnerabilities...
PyScan-Scanner - Vulnerability Scanner With Custom Payload
REQUIRE urllib2 BeautifulSoup requests START Change database information $bdd = new PDO'mysql:host=localhost;dbname=pyscan', 'user', 'password'; Update a Python gate panelurl = "http://localhost/pyscan/" gatescraper = "cmd/gate.php" gatescanner = "cmd/scan.php" gatevuln = "cmd/vuln.php" gatepaylo...
CVE-2016-0452
Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-0451...
CVE-2016-0451
Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-0452...
January 2016 Oracle Critical Patch Update 248 Patches
Oracle’s quarterly Critical Patch Updates CPU are known for their daunting volume, usually a disproportionately big number of fixes that database and system administrators have to deal with every three months. Yesterday’s CPU, however, takes the cake. Oracle pushed out the door a record 248 patch...
Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware
Beware Internet Users! Cryptowall 4.0 – the newest version of the world's worst Ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers. Ransomware threat has emerged as one of the biggest threats to...