Lucene search
+L

170 matches found

Veracode
Veracode
added 2019/11/08 5:31 a.m.14 views

Information Disclosure

github.com/hashicorp/terraform is vulnerable to information disclosure. Sensitive information can be disclosed to the issue tracker when crash log files are not redacted by the operator...

1.2AI score
Exploits0
Kitploit
Kitploit
added 2019/08/16 1:0 p.m.97 views

Diaphora - The Most Advanced Free And Open Source Program Diffing Tool

Diaphora διαφορά, Greek for 'difference' is a program diffing plugin for IDA, similar to Zynamics Bindiff or other FOSS counterparts like YaDiff, DarunGrim, TurboDiff, etc... It was released during SyScan 2015. It works with IDA 6.9 to 7.3. Support for Ghidra is in development. Support for Binary...

6.9AI score
Exploits0References5
Kitploit
Kitploit
added 2019/05/17 8:37 p.m.289 views

Acunetix Vulnerability Scanner Now With Network Security Scans

User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technolo...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/02/22 12:0 a.m.120 views

Tautulli 2.1.26 Cross Site Scripting

Tautulli https://tautulli.com/ is a Python based monitoring and tracking tool for Plex Media Server. We discovered that an authenticated Plex Media Server user could change their Plex username to include JavaScript and Tautulli would fail to sanitize the username so that when the Plex Media Serve...

4.3CVSS0.1AI score0.0109EPSS
Exploits2
Kitploit
Kitploit
added 2019/02/08 12:32 p.m.1023 views

Process Hacker - A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. System requirements Windows 7 or higher, 32-bit or 64-bit. Features A detailed overview of system activity with highlighting. Graphs and statistics allow you quickly to track down...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2018/12/21 12:32 p.m.149 views

W3Brute - Automatic Web Application Brute Force Attack Tool

w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features 1. Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process...

8.7AI score
Exploits0References4
Kitploit
Kitploit
added 2018/08/28 12:33 p.m.192 views

SQLMap v1.2.8 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References20
Into the symmetry
Into the symmetry
added 2018/02/06 3:32 p.m.39 views

Bug bounty left over (and rant) Part III (Google and Twitter)

tl;dr in this blog post I am going to talk about some bug bounty left over with a little rant. Here you can find bug bounty left over part I and II Here you can find bug bounty rant part I and II Introduction In one of my previous post I was saying that: "The rule 1 of any bug hunter... is to hav...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2017/11/03 12:30 p.m.14 views

Threatpost News Wrap Podcast for Nov. 3

Threatpost editors Mike Mimoso and Tom Spring discuss the week’s top information security news stories, including Google’s decision to drop HTTP Public Key Pinning in Chrome, a vulnerability in Google’s Issue Tracker, Mozilla’s decision to ban Canvas Fingerprinting, and a HTTPS issue with...

0.2AI score
Exploits0References7
Kitploit
Kitploit
added 2017/08/28 9:13 p.m.107 views

SQLMap v1.1.8 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References20
GoogleProjectZero
GoogleProjectZero
added 2016/09/13 12:0 a.m.14 views

Announcing the Project Zero Prize

Posted by Natalie Silvanovich, Exploit Enthusiast Despite the existence of vulnerability rewards programs at Google and other companies, many unique, high-quality security bugs have been discovered as a result of hacking contests. Hoping to continue the stream of great bugs, we’ve decided to star...

8.3AI score
Exploits0
seebug.org
seebug.org
added 2016/08/08 12:0 a.m.51 views

Zabbix Agent 3.0.1 mysql. size shell command injection

CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection Affected products ================= At least Zabbix Agent 1:3.0.1-1+wheezy from http://repo.zabbix.com/zabbix/3.0/debian is vulnerable. Other versions were not tested. Background ========== "Zabbix agent is deployed on a...

6.8CVSS8.6AI score0.21141EPSS
Exploits6
exploitpack
exploitpack
added 2016/05/04 12:0 a.m.108 views

Zabbix Agent 3.0.1 - mysql.size Shell Command Injection

Zabbix Agent 3.0.1 - mysql.size Shell Command Injection CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection -------------------------------------------------------------------- Affected products ================= At least Zabbix Agent 1:3.0.1-1+wheezy from...

6.8CVSS8.3AI score0.21141EPSS
Exploits6
Hacker One
Hacker One
added 2016/04/22 5:34 a.m.19 views

GitLab: GFM renderer leaks external issue tracker URL of private project

Vulnerability details The GFM renderer has the ability to cross-link issues between projects. When this project is private and the user doesn't have access, the link isn't made. This is good. However, when the private project has an external issue tracker set up, an attacker can extract the...

0.9AI score
Exploits0
Hacker One
Hacker One
added 2016/04/11 1:4 a.m.21 views

GitLab: Persistent XSS on public project page

Details A project admin can set up a custom issue tracker integration. This setting misses a check to make sure that it's a real URL and, thus, can use the javascript handler to execute arbitrary Javascript. Browsers use this handler to execute inline Javascript. This can lead to an account take...

2.2AI score
Exploits0
Hacker One
Hacker One
added 2016/03/20 10:3 a.m.50 views

HackerOne: External links should use rel="noopener" or use the redirect service

This is a rather low severity one and a successful exploitation relies on unlikely user interaction as well as the ability to control the HTML output of an remote host. Furthermore it is a kinda new hardening features in some browsers. Though one can work around this using "noreferrer" which is...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/04/20 12:0 a.m.86 views

Atlassian JIRA Detection

Atlassian JIRA, a web-based issue tracker written in Java, is running on the remote host. TRUSTED...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2010/04/06 12:0 a.m.12 views

Fedora Update for trac FEDORA-2010-4287

Check for the Version of trac OpenVAS Vulnerability Test Fedora Update for trac FEDORA-2010-4287 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

0.1AI score
Exploits0References2
OpenVAS
OpenVAS
added 2010/04/06 12:0 a.m.12 views

Fedora Update for trac FEDORA-2010-4318

Check for the Version of trac OpenVAS Vulnerability Test Fedora Update for trac FEDORA-2010-4318 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Exploits0References2
Fedora
Fedora
added 2010/04/01 5:18 p.m.16 views

[SECURITY] Fedora 13 Update: trac-0.11.7-1.fc13

Trac is an integrated system for managing software projects, an enhanced wiki, a flexible web-based issue tracker, and an interface to the Subversion revision control system. At the core of Trac lies an integrated wiki and issue/bug database. Using wiki markup, all objects managed by Trac can...

2.1AI score
Exploits0
Rows per page
Query Builder