Lucene search
+L

275 matches found

Kitploit
Kitploit
added 2019/01/11 12:4 p.m.216 views

WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack

The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor,...

7.3AI score
Exploits0References11
Kitploit
Kitploit
added 2018/09/10 12:36 p.m.95 views

Web-Traffic-Generator - A Quick And Dirty HTTP/S "Organic" Traffic Generator

Just a simple poorly written Python script that aimlessly "browses" the internet by starting at pre-defined rootURLs and randomly "clicking" links on pages until the pre-defined clickDepth is met. I created this as a noise generator to use for an Incident Response / Network Defense simulation. Th...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2018/07/18 2:30 p.m.55 views

Noisy - Simple Random DNS, HTTP/S Internet Traffic Noise Generator

A simple python script that generates random HTTP/DNS traffic noise in the background while you go about your regular web browsing, to make your web traffic data less valuable for selling and for extra obscurity. Tested on MacOS High Sierra, Ubuntu 16.04 and Raspbian Stretch and is compatable wit...

7.1AI score
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:33 a.m.56 views

Security Bulletin: A vulnerability in PHP affects PowerKVM (CVE-2016-5385)

Summary PowerKVM is affected by a vulnerability in PHP. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-5385 DESCRIPTION: PHP could allow a remote attacker to redirect HTTP traffic of CGI application, caused by the failure to protect applications from the presence ...

8.1CVSS0.6AI score0.50427EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:32 a.m.53 views

Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem model V840

Summary There are vulnerabilities in Apache Tomcat to which the IBM® FlashSystem™ V840 is susceptible. An exploit of these vulnerabilities CVE-2016-3092, CVE-2016-5385, CVE-5386, CVE-2016-5387, and CVE-2016-5388 could allow a remote attacker to wage a denial of service attack or redirect outbound...

8.1CVSS0.4AI score0.55724EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:48 p.m.48 views

Security Bulletin: IBM QRadar SIEM is vulnerable to various CGI vulnerabilities. (CVE-2016-5385, CVE-2016-5387, CVE-2016-5388)

Summary Vulnerabilities affecting web servers that run code in a CGI or CGI-like context Vulnerability Details CVEID: CVE-2016-5387 DESCRIPTION: Apache HTTP Server could allow a remote attacker to redirect HTTP traffic of CGI application, caused by the failure to protect applications from the...

8.1CVSS0.7AI score0.55724EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:46 p.m.15 views

Security Bulletin: Multiple Security Vulnerabilities have been identified in components shipped with IBM Security Access Manager for Enterprise Single Sign-On

Summary IBM HTTP Server is shipped as a component of IBM Security Access Manager for Enterprise Single Sign-On ISAM ESSO. Imformation about the vulnerability affecting IBM HTTP Server has been published in a Security Bulletin IBM Websphere Application Server is shipped as a component of IBM...

0.8AI score
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2018/06/07 12:0 p.m.13 views

CVE-2018-0296

A vulnerability in the web interface of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. It is also possible on certain software releases that the ASA will...

7.6AI score0.99903EPSS
Exploits18References6
ATTACKERKB
ATTACKERKB
added 2018/06/07 12:0 a.m.42 views

Cisco ASA Directory Traversal

A vulnerability in the web interface of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. It is also possible on certain software releases that the ASA will...

7.5CVSS1.1AI score0.99903EPSS
In wildExploits18References7
n0where
n0where
added 2018/02/24 4:17 p.m.206 views

Free and Open Source Interactive HTTPS Proxy: mitmproxy

mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols. You can prettify and decode a variety of...

Exploits0References2
OSV
OSV
added 2018/02/20 12:29 a.m.5 views

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

9.8CVSS5.8AI score0.01015EPSS
Exploits0References3
NVD
NVD
added 2018/02/20 12:29 a.m.15 views

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

9.8CVSS9.3AI score0.01015EPSS
Exploits0References3
Prion
Prion
added 2018/02/20 12:29 a.m.12 views

Code injection

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

5CVSS9.2AI score0.01015EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/02/20 12:0 a.m.19 views

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

9.3AI score0.01015EPSS
Exploits0References3
CNVD
CNVD
added 2017/12/04 12:0 a.m.6 views

Cisco WebEx Meeting Center URL Redirection Vulnerability

Cisco WebEx Meeting Center is a set of WebEx meeting solutions in the United States Cisco Cisco company's network of online meeting products. The product invites others to join the meeting via e-mail or instant messaging IM, and supports online product demonstrations, information sharing, and mor...

5CVSS6.8AI score0.0117EPSS
Exploits0References1
NVD
NVD
added 2017/11/30 9:29 a.m.17 views

CVE-2017-12297

A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Redirection Vulnerability." The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco WebEx Meeting Center. An...

5CVSS5.2AI score0.0117EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.21 views

CVE-2017-12297

A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Redirection Vulnerability." The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco WebEx Meeting Center. An...

5.2AI score0.0117EPSS
Exploits0References3
Cisco
Cisco
added 2017/11/29 4:0 p.m.36 views

Cisco WebEx Meeting Center URL Redirection Vulnerability

A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts. The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco WebEx Meeting Center. An attacker could exploit this vulnerability...

4.1CVSS5.2AI score0.0117EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/11/07 9:30 a.m.17 views

Brother Printers Susceptible to Remote Denial of Service Attacks

Networked consumer and business printers manufactured and sold by Brother contain an unpatched vulnerability that can be abused by a remote attacker to cause a denial-of-service condition on the device. Researchers at Trustwave’s SpiderLabs on Monday disclosed the issue after numerous fruitless...

0.6AI score
Exploits0References1
NVD
NVD
added 2017/10/01 1:29 a.m.19 views

CVE-2017-14797

Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories by leveraging the ability to sniff HTTP traffic on...

7.9CVSS7.5AI score0.00422EPSS
Exploits0References1
Rows per page
Query Builder