Lucene search
K

182 matches found

exploitpack
exploitpack
added 2018/06/08 12:0 a.m.40 views

Splunk 7.0.1 - Information Disclosure

Splunk 7.0.1 - Information Disclosure Exploit Title: Splunk 7.0.1 - Information Disclosure Date: 2018-05-23 Exploit Author: KoF2002 Vendor Homepage: https://www.splunk.com/ Version: 6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED Tested on: Linux OS CVE : CVE-2018-11409 Splunk through 6.2.3 7.0.1 allows...

5CVSS5.1AI score0.98371EPSS
Exploits7
exploitdb
exploitdb
added 2018/06/08 12:0 a.m.76 views

Splunk < 7.0.1 - Information Disclosure

Exploit Title: Splunk 7.0.1 - Information Disclosure Date: 2018-05-23 Exploit Author: KoF2002 Vendor Homepage: https://www.splunk.com/ Version: 6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED Tested on: Linux OS CVE : CVE-2018-11409 Splunk through 6.2.3 7.0.1 allows information disclosure by appending...

5.3CVSS5.3AI score0.98371EPSS
Exploits7
nvd
nvd
added 2018/06/01 6:29 p.m.25 views

CVE-2016-10609

chromedriver126 is chromedriver version 1.26 for linux OS. chromedriver126 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacke...

9.3CVSS8.4AI score0.02021EPSS
Exploits0References1
prion
prion
added 2018/06/01 6:29 p.m.17 views

Remote code execution

chromedriver126 is chromedriver version 1.26 for linux OS. chromedriver126 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacke...

9.3CVSS8.1AI score0.02021EPSS
Exploits0References1Affected Software1
cve
cve
added 2018/06/01 6:0 p.m.54 views

CVE-2016-10609

The CVE-2016-10609 entry refers to chromedriver126 (Chromedriver 1.26 for Linux) that downloads binary resources over HTTP, creating a MITM risk. In adversarial network positions, an attacker could intercept the HTTP response and swap the binary with malware, potentially causing remote code execu...

9.3CVSS8.3AI score0.02021EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/05/17 3:0 a.m.29 views

CVE-2018-0279

A vulnerability in the Secure Copy Protocol SCP server of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of...

8.8AI score0.04569EPSS
Exploits0References2
zdt
zdt
added 2018/05/12 12:0 a.m.37 views

EMC RecoverPoint 4.3 - Admin CLI Command Injection Vulnerability

Exploit for windows platform in category local exploits Exploit Title: EMC RecoverPoint 4.3 - Admin CLI Command Injection Version: RecoverPoint prior to 5.1.1 RecoverPoint for VMs prior to 5.0.1.3 Date: 2018-05-11 Exploit Author: Paul Taylor Github: https://github.com/bao7uo Tested on: RecoverPoi...

7.2CVSS0.1AI score0.06308EPSS
Exploits5
thn
thn
added 2018/04/17 11:8 a.m.70 views

Microsoft built its own custom Linux OS to secure IoT devices

Finally, it's happening. Microsoft has built its own custom Linux kernel to power "Azure Sphere," a newly launched technology that aims to better secure billions of "Internet of things" devices by combining the custom Linux kernel with new chip design, and its cloud security service. Project Azur...

Exploits0
nvd
nvd
added 2018/03/08 7:29 a.m.25 views

CVE-2018-0141

A vulnerability in Cisco Prime Collaboration Provisioning PCP Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploit this vulnerability by...

8.4CVSS8.3AI score0.00434EPSS
Exploits0References3
hackread
hackread
added 2018/02/20 5:33 p.m.51 views

Hackers Exploite Tegra Chipset Flaw to Run Linux OS on Nintendo Switch

By Waqas The exploit is unpatched putting Nintendo Switch devices at risk. This is a post from HackRead.com Read the original post: Hackers Exploite Tegra Chipset Flaw to Run Linux OS on Nintendo Switch...

7AI score
Exploits0
ossfuzz
ossfuzz
added 2018/01/29 1:15 p.m.19 views

chakra: Heap-double-free in void Memory::SmallHeapBlockT<SmallAllocationBlockAttributes>::SweepObjects<

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5709198886174720 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Heap-double-free Crash Address: 0x61500002e100 Crash State: void...

6.7AI score
Exploits0Affected Software1
exploitpack
exploitpack
added 2017/11/04 12:0 a.m.25 views

Actiontec C1000A Modem - Backdoor Account

Actiontec C1000A Modem - Backdoor Account Exploit Title: Actiontec C1000A backdoor account Google Dork: NA Date: 11/04/2017 Exploit Author: Joseph McDonagh Vendor Homepage: https://actiontecsupport.zendesk.com/hc/en-us Software Link: N/A Hardware Version: Firmware CAC003-31.30L.86 Tested on: Linu...

0.5AI score
Exploits0
kitploit
kitploit
added 2017/09/16 9:0 p.m.94 views

Yuki Chan - Automate Pentest Tool

The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you. WARNING I highly recommend using this tool by using Kali Linux OS By using this tool it means you agree with terms, conditions, and risks By using this tool you agree that 1...

6.5AI score
Exploits0References7
nvd
nvd
added 2017/03/30 7:59 a.m.17 views

CVE-2016-10308

Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the...

10CVSS9.5AI score0.02936EPSS
Exploits1References2
prion
prion
added 2017/03/30 7:59 a.m.13 views

Command injection

Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the...

10CVSS7.3AI score0.02936EPSS
Exploits1References2Affected Software1
cve
cve
added 2017/03/30 7:0 a.m.50 views

CVE-2016-10308

CVE-2016-10308 affects Siklu EtherHaul radios running versions prior to 3.7.1 and 6.x prior to 6.9.0. The vulnerability stems from a built-in, hidden root account with an unchangeable password shared across all devices. This account allows access to the embedded Linux OS via both SSH and the devi...

10CVSS9.3AI score0.02936EPSS
Exploits1References2Affected Software1
n0where
n0where
added 2017/02/16 5:2 a.m.36 views

Generate Backdoor With msfvenom: TheFatRat

Generate Backdoor With msfvenom A tool to generate backdoor with msfvenom easily a part from metasploit framework. This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac. The malware, created with this tool also have an ability to...

0.3AI score
Exploits0References1
redhat
redhat
added 2016/12/20 11:44 a.m.257 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

10CVSS6.8AI score0.24299EPSS
Exploits0References2
kitploit
kitploit
added 2016/10/17 2:30 p.m.38 views

DracOS - Lightweight and Powerful Penetration Testing OS

Dracos Linux www.dracos-linux.org is the Linux operating system from Indonesian , open source is built based on the Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testin...

7.5AI score
Exploits0
korelogic
korelogic
added 2016/10/05 12:0 a.m.675 views

Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access

Vulnerability Details Affected Vendor: Cisco Affected Product: Firepower Threat Management Console Affected Version: Cisco Fire Linux OS 6.0.1 build 37/build 1213 Platform: Embedded Linux CWE Classification: CWE-434: Unrestricted Upload of File with Dangerous Type, CWE-94: Improper Control of...

9CVSS0.7575EPSS
Exploits8Affected Software1
Rows per page
Query Builder