7691 matches found

Metasploit
added 2017/10/30 7:4 p.m. | 46 views

Linux Meterpreter, Reverse HTTPS Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1166612 include...

7.3 AI score
Exploits: 0
Kitploit
added 2017/10/30 1:21 p.m. | 362 views

subjack - Hostile Subdomain Takeover tool written in Go

subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule...

9 AI score
Exploits: 0 | References: 1
Metasploit
added 2017/10/30 10:26 a.m. | 47 views

Linux Meterpreter, Reverse HTTPS Inline

Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1140752 include...

7.3 AI score
Exploits: 0
NVD
added 2017/10/29 5:29 p.m. | 12 views

CVE-2017-15999

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an SHA-1 hash of the password. The attacker can either crack this hash or use it for further attack...

9.8 CVSS | 9.4 AI score | 0.00686 EPSS
Exploits: 0 | References: 1
Cent OS
added 2017/10/27 11:2 a.m. | 867 views

wget security update

CentOS Errata and Security Advisory CESA-2017:3075 An update for wget is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.3 CVSS | 7.7 AI score | 0.79855 EPSS
Exploits: 3 | References: 7
OSV
added 2017/10/27 5:29 a.m. | 2 views

CVE-2017-5120

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could...

6.5 CVSS | 7.4 AI score | 0.01127 EPSS
Exploits: 0 | References: 7
NVD
added 2017/10/27 5:29 a.m. | 17 views

CVE-2017-5120

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could...

6.5 CVSS | 6.3 AI score | 0.01127 EPSS
Exploits: 0 | References: 7
UbuntuCve
added 2017/10/27 5:29 a.m. | 25 views

CVE-2017-5120

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could...

6.5 CVSS | 6.8 AI score | 0.01127 EPSS
Exploits: 0 | References: 2
Prion
added 2017/10/27 5:29 a.m. | 20 views

Design/Logic Flaw

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could...

4.3 CVSS | 6.5 AI score | 0.01127 EPSS
Exploits: 0 | References: 7 | Affected Software: 5
Cvelist
added 2017/10/27 5:0 a.m. | 30 views

CVE-2017-5120

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could...

6.6 AI score | 0.01127 EPSS
Exploits: 0 | References: 7
CVE
added 2017/10/27 5:0 a.m. | 90 views

CVE-2017-5120

CVE-2017-5120 describes a downgrade of HTTPS during redirects in the Chromium/Chrome browser. Affected: Chromium/Chrome before 61.0.3163.79 on desktop (Mac/Windows/Linux) and 61.0.3163.81 on Android, with downstream advisories referencing Chromium builds. Root cause: a misdesign workaround for ww...

6.5 CVSS | 6.5 AI score | 0.01127 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
Debian CVE
added 2017/10/27 5:0 a.m. | 24 views

CVE-2017-5120

Removed by vendor...

6.5 CVSS | 7.3 AI score | 0.01127 EPSS
Exploits: 0
OpenVAS
added 2017/10/27 12:0 a.m. | 35 views

CentOS Update for wget CESA-2017:3075 centos7

Check the version of wget SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882793";...

9.3 CVSS | 9 AI score | 0.79855 EPSS
Exploits: 3 | References: 2
OpenVAS
added 2017/10/27 12:0 a.m. | 40 views

RedHat Update for wget RHSA-2017:3075-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS | 9 AI score | 0.79855 EPSS
Exploits: 3 | References: 2
Tenable Nessus
added 2017/10/27 12:0 a.m. | 49 views

RHEL 7 : wget (RHSA-2017:3075)

An update for wget is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.3 CVSS | 8 AI score | 0.79855 EPSS
Exploits: 3 | References: 5
RedHat Linux
added 2017/10/26 4:45 p.m. | 147 views

Important: Red Hat Security Advisory: wget security update

An update for wget is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.3 CVSS | 7.7 AI score | 0.79855 EPSS
Exploits: 3 | References: 3
Ubuntu
added 2017/10/23 7:47 p.m. | 69 views

USN-3441-2: curl vulnerabilities

USN-3441-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash,...

9.1 CVSS | 6.8 AI score | 0.08465 EPSS
Exploits: 0
Ubuntu
added 2017/10/23 12:49 p.m. | 57 views

USN-3457-1: curl vulnerability

Brian Carpenter discovered that curl incorrectly handled IMAP FETCH response lines. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.1 CVSS | 7.2 AI score | 0.06224 EPSS
Exploits: 0
Hacker One
added 2017/10/20 9:2 p.m. | 69 views

Legal Robot: Non-HTTPS link on blog

Hi, @legalrobot. I found another venturebeat.com URL without HTTPS in https://www.legalrobot-uat.com/press/. I hope you fix this. Screenshot attached below. Cheers, Ph0b0s...

6.9 AI score
Exploits: 0
NVD
added 2017/10/20 3:29 p.m. | 17 views

CVE-2017-6144

In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type Allocation Code TAC database file via HTTPS, the server's certificate is not verified. Attackers in a privileged network position may be able to launch a man-in-the-middle attack against these connections. TAC databases are used in...

7.4 CVSS | 7.4 AI score | 0.00599 EPSS
Exploits: 0 | References: 1