CVE-2018-16188

The CVE-2018-16188 entry describes a SQL injection vulnerability in Ricoh Interactive Whiteboard products (D2200, D5500, D5510, and related displays/controllers). The root cause is an SQL injection flaw that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Affect...

CVE-2018-16184

Summary: CVE-2018-16184 affects Ricoh Interactive Whiteboard family (D2200, D5500, D5510 and related display/controller variants). The issue is a remote command execution vulnerability described as occurring via unspecified vectors, enabling an attacker to run arbitrary commands with administrati...

Microsoft Windows Kernel CVE-2019-0536 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Weak Password Vulnerability in Vimeo Interactive Website Management System

Chengdu Vimeo Interactive Network Technology Co., Ltd. is a technology company whose main products or services are all kinds of website construction, space domain name. Weak password vulnerability exists in the website management system of Weimei Interactive, which can be exploited by attackers t...

[SECURITY] Fedora 28 Update: python-notebook-5.5.0-6.fc28

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

GTRS - Google Translator Reverse Shell

This tools uses Google Translator as a proxy to send arbitrary commands to an infected machine. INFECTED MACHINE ==HTTPS== GOOGLE TRANSLATE ==HTTP== C2 Environment Configuration First you need a VPS and a domain, for the domain you can get a free one on Freenom. With your VPS and domain, just edi...

[SECURITY] Fedora 29 Update: python-notebook-5.7.2-1.fc29

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

Kamerka - Build Interactive Map Of Cameras From Shodan

Build an interactive map of cameras from Shodan. The script creates a map of Shodan cameras based on your address or coordinates. https://medium.com/@wojciech/%EA%93%98amerka-build-interactive-map-of-cameras-from-shodan-a0267849ec0a Requirements Shodan Geopy Foilum Colorama pip install -r...

Multiple RICOH Interactive Whiteboard Products Information Disclosure Vulnerability

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A security vulnerability exists in several RICOH Interactive Whiteboard products. An attacker could exploit this vulnerability by performing a man-in-the-middle attack to steal encrypted...

Code Execution Vulnerability in Multiple RICOH Interactive Whiteboard Products

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A security vulnerability exists in a number of RICOH Interactive Whiteboard products. A remote attacker could exploit the vulnerability to execute a modified program...

Multiple RICOH Interactive Whiteboard Products Restricted Lifting Vulnerability

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A security vulnerability exists in multiple RICOH Interactive Whiteboard products. The vulnerability can be exploited by an attacker to log in to the administrator settings page and modify the...

RICOH Interactive Whiteboard Multiple Vulnerabilities

RICOH Interactive Whiteboard is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

RICOH Interactive Whiteboard Detection

Detection of RICOH Interactive Witeboard. The script sends a connection request to the server and attempts to detect RICOH Interactive Whiteboard and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

Multiple RICOH Interactive Whiteboard Products SQL Injection Vulnerabilities

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A SQL injection vulnerability exists in multiple RICOH Interactive Whiteboard products, which can be exploited by remote attackers to obtain or modify information in a database...

Command Injection Vulnerability in Multiple RICOH Interactive Whiteboard Products

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A command injection vulnerability exists in multiple RICOH Interactive Whiteboard products, which can be exploited by remote attackers to execute arbitrary commands with administrative privileges...

JVN#55263945: Multiple vulnerabilities in RICOH Interactive Whiteboard

RICOH Interactive Whiteboard provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Command injection CWE-94 - CVE-2018-16184 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2| AV:N/AC:L/AU:N/C:C/I:C/A:C| Bas...

Sheepl - Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments

Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments Introduction There are lots of resources available online relating to how you can build AD network environments for the development of blue team and red team tradecraft. However the current...

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8565 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...

Microsoft Windows BitLocker Security Feature CVE-2018-8566 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...

Novahot - A Webshell Framework For Penetration Testers

novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP, ruby, and python. Beyond executing system commands, novahot is able to emulate interactive terminals...