Lucene search
+L

158 matches found

Imperva Blog
Imperva Blog
added 2018/02/14 5:0 p.m.17 views

Integrate Your Ticketing System into Database Security to Prevent DBA Privilege Abuse

Many of the recent high-profile data security breaches were made by trusted insiders. They are often database administrators DBAs who are highly privileged and trusted insiders with access to sensitive data. In this blog post, I will discuss the inherent risk introduced by highly privileged...

7.1AI score
Exploits0
CNVD
CNVD
added 2017/09/30 12:0 a.m.4 views

SQL Injection Vulnerability in check_need_status, check_pay_sum Methods of WK+shop General Mall System

WK+shop is a mall system based on the technology of PHP+MySQL, developed using ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. WK+shop general mall system checkneedstatus, checkpaysum method SQL injection vulnerability, attackers can construct a specif...

7.9AI score
Exploits0
GithubExploit
GithubExploit
added 2017/09/13 3:24 p.m.152 views

Exploit for Code Injection in Microsoft

CVE-2017-8759 This repo contains sample exploits for CVE-2017...

9.3CVSS7.7AI score0.99933EPSS
Exploits49
hackapp
hackapp
added 2016/04/01 10:17 a.m.9 views

Speed Cars: Real Racer Need 3D - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Speed Cars: Real Racer Need 3D published at the 'play' market has multiple vulnerabilities...

2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:2 a.m.13 views

Need for Speed™ Network - Certificates or keys found, External URLs, KeyStore usage vulnerabilities

HackApp vulnerability scanner discovered that application Need for Speed™ Network published at the 'play' market has multiple vulnerabilities...

Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:1 a.m.11 views

High Speed Race: Racing Need - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application High Speed Race: Racing Need published at the 'play' market has multiple vulnerabilities...

1.2AI score
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2015/03/17 2:39 p.m.4 views

kernel: NULL pointer dereference in madvise(MADV_WILLNEED) support

A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADVWILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system...

7.2CVSS6.6AI score0.00404EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/03/05 11:13 a.m.5 views

kernel: NULL pointer dereference in madvise(MADV_WILLNEED) support

A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADVWILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system...

7.2CVSS6.6AI score0.00404EPSS
Exploits0References4
NVD
NVD
added 2014/09/18 10:55 a.m.18 views

CVE-2014-5921

The Need for Speed Network aka com.ea.nfsautolog.bv application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00271EPSS
Exploits0References3
Prion
Prion
added 2014/09/18 10:55 a.m.13 views

Information disclosure

The Need for Speed Network aka com.ea.nfsautolog.bv application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00271EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/09/18 10:0 a.m.39 views

CVE-2014-5921

The CVE-2014-5921 entry concerns the Need for Speed Network Android app (version 1.0.1) and its SSL/TLS trust handling. The vulnerability is that the app does not verify X.509 certificates from SSL servers, enabling a man-in-the-middle to spoof servers and obtain sensitive information via a craft...

5.4CVSS6AI score0.00271EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/09/18 10:0 a.m.23 views

CVE-2014-5921

The Need for Speed Network aka com.ea.nfsautolog.bv application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00271EPSS
Exploits0References3
Cisco Threats
Cisco Threats
added 2013/07/01 6:53 p.m.11 views

Threat Outbreak Alert: Fake Product Services Specification Request Email Messages on August 29, 2013

Medium Alert ID: 29868 First Published: 2013 July 1 18:53 GMT Last Updated: 2013 August 29 12:36 GMT Version: 9 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a business specification and outlines for the recipient. The text in the...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/04/09 12:0 a.m.41 views

Snort 2 - DCE/RPC Preprocessor Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Snort 2 DCE/RPC preprocessor Buffer...

10CVSS7AI score0.79319EPSS
Exploits15
The Hacker News
The Hacker News
added 2012/01/16 9:28 a.m.7 views

Fake Angry Birds Game spreading Malware from Android Market

Fake Angry Birds Game spreading Malware from Android Market From last week premium rate SMS Trojans surfaced in the Android Market. Google has pulled 22 apps that are masquerading as legitimate versions of popular games like Angry Birds and Cut the Rope. Security researchers have discovered a way...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/03/01 12:0 a.m.443 views

EA Need For Speed Underground Detection

The remote host is running a client relay service for Electronic Arts Need For Speed Underground or a clone of that game. This is a kind of port mapper in that the service provides dynamic port numbers to client software. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.5AI score
Exploits0References2
myhack58
myhack58
added 2008/07/27 12:0 a.m.47 views

The big data library default address-vulnerability warning-the black bar safety net

data/dvbbs7. mdb Action Network Forum database /databackup/dvbbs7. mdb Action Network Forum database /bbs/databackup/dvbbs7. mdb Action Network Forum database /admin/data/qcdnnews. mdb green to create article management system database /data/qcdnnews. mdb green to create article management system...

0.2AI score
Exploits0
0day.today
0day.today
added 2006/01/15 12:0 a.m.51 views

MS Windows Metafile (WMF) Remote File Download Exploit Generator

Exploit for unknown platform in category remote exploits ================================================================ MS Windows Metafile WMF Remote File Download Exploit Generator ================================================================ / \ / WMF nDay download Exploit Generator \ by...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/05/27 4:0 a.m.22 views

CVE-2004-2099

Buffer overflow in Need for Speed Hot Pursuit 2.0 client NFSHP2, version 242 and earlier, allows remote attackers servers to execute arbitrary code via long 1 gamename, 2 gamever, 3 hostname, 4 gametype, 5 mapname or 6 gamemode commands...

8AI score0.04281EPSS
Exploits1References4
NVD
NVD
added 2004/12/31 5:0 a.m.10 views

CVE-2004-2099

Buffer overflow in Need for Speed Hot Pursuit 2.0 client NFSHP2, version 242 and earlier, allows remote attackers servers to execute arbitrary code via long 1 gamename, 2 gamever, 3 hostname, 4 gametype, 5 mapname or 6 gamemode commands...

5.1CVSS8AI score0.04281EPSS
Exploits1References4
Rows per page
Query Builder