CVE-2019-19163

A Vulnerability in the firmware of COMMAX WallPadCDP-1020MB allow an unauthenticated adjacent attacker to execute arbitrary code, because of a using the old version of MySQL...

Reddit hacked: Hackers steal complete copy of old database backup

By Waqas Reddit says the breach took place after hackers intercepted SMS that were supposed to be delivered to employees. The social media giant Reddit has announced that it has suffered a data breach in which attackers hacked into its system and ended up stealing data of its registered users...

CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases. 1. Misconfigured DNS scan usin...

GNU findutils 4.0/4.1 - Locate Arbitrary Command Execution

// source: https://www.securityfocus.com/bid/3127/info GNU locate is an application that searches file databases for file names that match user-supplied patterns. A boundary condition error can occur when the program reads database files composed in an "old" format, produced by GNU locate prior t...