Lansweeper XML External Entity Injection Vulnerability

Lansweeper is a network-assisted software that lists Windows hardware from Lansweeper Belgium. An XML external entity injection vulnerability exists in the import package feature in versions of Lansweeper prior to 6.0.100.67. A remote attacker can exploit this vulnerability to cause a denial of...

Malware Triage Tool: pftriage

pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract properties of a file to help during the triage process. The tool also has an analyze function which can detect common malicious indicators used by malware. Dependencies pefile filemagi...

[SECURITY] Fedora 27 Update: libwpd-0.10.2-1.fc27

libwpd is a library for import of WordPerfect documents...

Dup Scout Enterprise 10.0.18 - Import Command Local Buffer Overflow

Dup Scout Enterprise 10.0.18 - Import Command Local Buffer Overflow !/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: Dup Scout Enterprise v10.0.18 "Import Comman...

DiskBoss Enterprise 8.4.16 - Import Command Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: DiskBoss Enterprise v8.4.16 "Import Command" Buffer...

CVE-2017-14527

Multiple XML external entity XXE vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a 1 crafted DTD,...

Xxe

Multiple XML external entity XXE vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a 1 crafted DT...

Xxe

Multiple XML external entity XXE vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a 1 crafted DTD,...

Unable to import App Layering OS Layer to ELM from vSphere

After creating a vSphere connector and selected the host and VM to import into the Enterprise Layer Manager ELM as an OS layer, the operation will timeout within a few minutes. vSphere shows an exporting task stuck at 0% before timing out...

CVE-2017-14526

Multiple XML external entity XXE vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a 1 crafted DT...

[SECURITY] Fedora 25 Update: gtatool-2.2.0-6.fc25

Gtatool is a command line tool to manipulate GTAs. It provides a set of commands that manipulate GTAs on various levels: array element components, array dimensions, whole arrays, and streams of ar rays. For example, you can add components to array elements, merge separate arrays into combined...

Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit

Exploit for windows platform in category remote exploits require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal vulnerability found in Trend Micro...

[SECURITY] Fedora 25 Update: libstaroffice-0.0.4-1.fc25

libstaroffice is a library for import of binary StarOffice documents...

Xxe

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import...

CVE-2017-9095

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import...

CVE-2017-9095

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import...

CVE-2017-9095

XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import...

PT-2017-18698 · Diving Log · Diving Log

Name of the Vulnerable Software and Affected Versions: Diving Log version 6.0 Description: The issue allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import. This is related to an XXE XML External Entity issue. Recommendations: F...

Threat Outbreak Alert RuleID30473: Email Messages Distributing Malicious Software on September 1, 2017

Medium Alert ID: 55021 First Published: 2017 September 1 16:56 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30473 may contain the following files: Name |...

VX Search Enterprise 9.9.12 Buffer Overflow

!/usr/bin/python Exploit Title : VX Search Enterprise v9.9.12 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...