
8 matches found

RedhatCVE
added 2020/08/17 7:13 a.m., 35 views

CVE-2020-13941

A flaw was found in Solr. The Replication handler allows commands backup, restore, and delete backup that take non-validated allocation parameters which may result in the exfiltration of sensitive data such as OS user hashes NTLM/LM hashes. The highest threat from this vulnerability is to data...

8.8 CVSS, 4.1 AI score, 0.01961 EPSS
Exploits: 0, References: 7
NVD
added 2020/05/12 8:15 p.m., 9 views

CVE-2020-12772

An issue was discovered in Ignite Realtime Spark 2.8.3 and the ROAR plugin for it on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the NTLM hashes of the user are sent with the HTTP request. Th...

8.8 CVSS, 8.6 AI score, 0.00842 EPSS
Exploits: 1, References: 1
Kitploit
added 2019/02/27 12:45 p.m., 135 views

Ophcrack - A Windows Password Cracker Based On Rainbow Tables

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms. Features: Runs on Windows, Linux/Unix, Mac OS X, ... Cracks LM...

7.5 AI score
Exploits: 0
Hacker One
added 2017/09/17 4:21 p.m., 30 views

Ubiquiti Inc.: Remote Code Execution at http://tw.corp.ubnt.com

The researcher found a Command Injection in tw.corp.ubnt.com. While hunting I came across a host of Ubiquiti Networks, tw.corp.ubnt.com; when I browsed to http://tw.corp.ubnt.com there was Dir listing enabled which contained various sensitive information. This was reported to Ubiquiti Team. Howev...

7.2 AI score
Exploits: 0
n0where
added 2016/11/28 5:17 a.m., 22 views

Domain Password Audit Tool: DPAT

Domain Password Audit Tool. This is a Python script that will generate password use statistics from password hashes dumped from a domain controller and a password crack file such as oclHashcat.pot generated from the oclHashcat tool during password cracking. The report is an HTML report with...

7 AI score
Exploits: 0, References: 3
Tenable Nessus
added 2012/08/10 12:0 a.m., 30 views

CentOS 6 : openldap (CESA-2012:1151)

Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

4.3 CVSS, 5.6 AI score, 0.00564 EPSS
Exploits: 0, References: 2
Oracle linux
added 2012/08/08 12:0 a.m., 31 views

openldap security and bug fix update

2.4.23-26.2 - CVE-2012-2668 825875 cipher suite selection by name can be ignored default cipher suite is always selected 2.4.23-26.1 - fix: smbk5pwd module computes invalid LM hashes 820278...

4.3 CVSS, 0.3 AI score, 0.00564 EPSS
Exploits: 0
The Hacker News
added 2011/04/28 10:38 a.m., 11 views

John the Ripper 1.7.7 new version Released !

John the Ripper 1.7.7 new version Released ! "John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt3 password hash types commonly found on Unix...

7 AI score
Exploits: 0