389 matches found
NewStart CGSL MAIN 6.06 (SP) : openssl Multiple Vulnerabilities (NS-SA-2026-0004)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has openssl packages installed that are affected by multiple vulnerabilities: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise...
nanshihui__PocCollect.e13e1379
PocCollect !Build Statushttp://nanshihui.github.io/public...
Exploit for Out-of-bounds Read in Openssl
CVE-2014-0160 Lab dựng lab sử dụng Heartbleed để leak memory...
Exploit for Out-of-bounds Read in Openssl
CTT-HEARTBLEED-Temporal-Resonance-Memory-Leak-Exploit-Heartble...
MiracleLinux 4 : openssl-1.0.1e-16.AXS4.7 (AXSA:2014-245:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-245:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these 'privacy' tools are actually major security risks, especially for BYOD environments...
NewStart CGSL MAIN 6.06 : openssl Multiple Vulnerabilities (NS-SA-2025-0211)
The remote NewStart CGSL host, running version MAIN 6.06, has openssl packages installed that are affected by multiple vulnerabilities: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...
Exploit for Out-of-bounds Read in Openssl
This repository is an exploit for CVE-2014-0160, also known as the Heartbleed vulnerability. The exploit is designed to abuse OpenSSL clients that are vulnerable to this issue. The target product/service is OpenSSL, and the vulnerability class/vector is a buffer overflow in the TLS heartbeat...
Exploit for Out-of-bounds Read in Openssl
It is an exploit module/toolkit targeting OpenSSL versions vulnerable to CVE-2014-0160, also known as the Heartbleed vulnerability. The tool, ssltest.py, scans multiple hosts for this vulnerability in an efficient multi-threaded manner without exploiting the server. The probable entry point is th...
rapidscan
This is a Python-based web vulnerability scanner called RapidScan. It is designed to automate the process of security scanning by using a multitude of available Linux security tools and some custom scripts. The tool is still under development and currently supports around 80 vulnerability tests...
Exploit for Out-of-bounds Read in Openssl
This is an exploit module/toolkit targeting the Heartbleed vulnerability CVE-2014-0160. The target product/service is OpenSSL, and the vulnerability class/vector is a buffer overflow in the TLS heartbeat extension, allowing for memory disclosure. The probable entry point is the ssl3writebytes...
Exploit for Out-of-bounds Read in Openssl
PoC exploit for CVE-2014-0160 Heartbleed. The target product/service is OpenSSL, and the vulnerability class/vector is memory disclosure specifically, the ability to extract private keys. The probable entry point is the ssl3writebytes function, which is sometimes exported in OpenSSL libraries. Th...
Crypt-SSLeay
This is a Perl module called Crypt::SSLeay, which provides OpenSSL support for LWP Library for WWW in Perl. The module is used to handle SSL/TLS connections and is part of the LWP distribution. The module has a version of 0.7304 and is maintained by A. Sinan Unur, David Landgren, Joshua Chamas, a...
vulns
It is an offensive tool for Linux. The repository, 'vulns', contains a collection of vulnerabilities and attacks, including Slowloris, BEAST, CRIME, BREACH, TIME, Heartbleed, CCS Injection, Shellshock, Drupalgeddon, POODLE, goto fail, GHOST, FREAK, Superfish, Rowhammer, Logjam, Stagefright, VENOM...
Exploit for Out-of-bounds Read in Openssl
This repository contains exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House. The exploits target various vulnerabilities in different products and services, including: 1. AirWatch MDM solution: The repository contains a file called...
OpenSSL Heartbeat (Heartbleed) Client Memory Exposure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL Heartbeat Heartbleed Client Memory Exposure', 'Description' = %q This module provides a fake SSL service that is intended to leak memory...
Vulnerability in License Server and Snap-in for Desktop Studio, aka Heartbleed
Secure Configuration of Licensing Heartbleed Update In response to the recent Heartbleed vulnerability in OpenSSL CVE-2014-0160 Citrix released a security advisory, CTX140605, advising customers of its potential effects on some Citrix Licensing components. As part of the Citrix response to this...
Elasticsearch Memory Disclosure
This module exploits a memory disclosure vulnerability in Elasticsearch 7.10.0 to 7.13.3 inclusive. A user with the ability to submit arbitrary queries to Elasticsearch can generate an error message containing previously used portions of a data buffer. This buffer could contain sensitive...
K15159: OpenSSL vulnerability CVE-2014-0160
Security Advisory Description The 1 TLS and 2 DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as...
SUSE CVE-2014-0160
The 1 TLS and 2 DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys,...