Lucene search
+L

209 matches found

CNNVD
CNNVD
added 2021/12/17 12:0 a.m.6 views

laravel-filemanager 代码问题漏洞

laravel-filemanager is an open source tool from UniSharp. A code issue vulnerability exists in laravel-filemanager that stems from the upload function not adequately validating the file type during upload. An attacker can replicate the following steps to exploit the vulnerability:Install a packag...

8.8CVSS7.9AI score0.01821EPSS
Exploits0References8
CNVD
CNVD
added 2021/12/08 12:0 a.m.7 views

Unspecified vulnerability in calibre

Calibre is an open source free all-in-one eBook reading management and format conversion tool. A security vulnerability exists in calibre before 5.32.0, which stems from the inclusion of regular expressions vulnerable to ReDoS Regular Expression Denial of Service attacks in htmlpreprocessrules in...

7.5CVSS6.6AI score0.04986EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/04 12:0 a.m.6 views

OnionShare 安全漏洞

OnionShare is an open source tool for securely and anonymously sharing files, hosting websites, and chatting with friends using the Tor network. Used to securely and anonymously share files, host websites, and chat with friends using the Tor network, OnionShare has a file upload vulnerability tha...

9.8CVSS5.6AI score0.0232EPSS
Exploits1References3
Kitploit
Kitploit
added 2021/08/29 9:30 p.m.40 views

PEzor - Open-Source Shellcode And PE Packer

Read the blog posts here: https://iwantmore.pizza/posts/PEzor.html https://iwantmore.pizza/posts/PEzor2.html https://iwantmore.pizza/posts/PEzor3.html https://iwantmore.pizza/posts/PEzor4.html Installation The install.sh is designed to work on a Kali Linux distro. ---------------- \ / \ //\ \ |/|...

7.2AI score
Exploits0References6
CNNVD
CNNVD
added 2021/08/20 12:0 a.m.4 views

rConfig 代码问题漏洞

rConfig is an open source network configuration management utility. rConfig is vulnerable to server-side request forgery, which could be exploited by an attacker to open a connection to a machine via the deviceIpAddr and connPort parameters...

6.5CVSS5.6AI score0.00988EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/04 12:0 a.m.4 views

showdoc 安全特征问题漏洞

showdoc is an open source tool ideal for IT teams to share documents online. showdoc in the security features problematic vulnerability , the vulnerability stems from the lack of a limit on the number of client logins and thus vulnerable to password weak pseudo-random number generator PRNG attack...

7.5CVSS6.5AI score0.01064EPSS
Exploits0References3
CNVD
CNVD
added 2021/05/23 12:0 a.m.4 views

Command execution vulnerability in nginxWebUI

nginxWebUI is an open source tool for the web. A command execution vulnerability exists in nginxWebUI. An attacker can exploit the vulnerability to execute arbitrary system commands...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/08 12:24 p.m.524 views

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service SVR have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. "SVR cyber operato...

10CVSS0.4AI score0.99999EPSS
Exploits356
CNVD
CNVD
added 2021/04/28 12:0 a.m.9 views

Unspecified Vulnerability in HashiCorp Terraform

Hashicorp Terraform is an open source tool for provisioning and managing cloud infrastructure from HashiCorp Hashicorp, USA. A security vulnerability exists in HashiCorp Terraform versions prior to 2.19.1 that stems from a failure to properly configure the GCE type binding tag for Vault's GCP...

9.8CVSS6.9AI score0.01597EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/03/05 12:0 a.m.6 views

OSSEC 安全漏洞

Scott R. Shinn OSSEC is Scott R. Shinn an open source application. OSSEC provides a simple, powerful and open source solution that combines all aspects of HIDS Host Based Intrusion Detection, log monitoring and SIM,SIEM. A security vulnerability exists in OSSEC 3.6.0, which stems from the...

7.5CVSS7.3AI score0.01192EPSS
Exploits1References2
Gitee
Gitee
added 2020/06/27 12:2 a.m.5 views

Pocsuite

This repository is an offensive tool for penetration testing and vulnerability assessment. It is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. The primary purpose of this tool is to assist penetration testers and...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/04/30 7:28 p.m.41 views

Building for Billions: Addressing Security Concerns for Platforms at Scale

Security operations once consisted of a multitude of manual operations based around alerts, thresholds and severity levels. As systems scale and platforms continue to grow, how do you keep up with the growing requirements to secure these transactions and the networks they are built upon?...

6.9AI score
Exploits0References3
CNVD
CNVD
added 2020/04/17 12:0 a.m.3 views

qdPM Injection Vulnerability

qdPM is a Web-based open source project management tool . A security vulnerability exists in qdPM version 9.1. An attacker can exploit the vulnerability to redirect users to a malicious website...

5.8CVSS6.8AI score0.00996EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2020/04/12 7:4 a.m.12 views

dalfox

Looking for the Go v2.x version? Dalfox v3 is a complete...

5.9AI score
Exploits0
CNVD
CNVD
added 2019/12/27 12:0 a.m.2 views

Archery Cross-Site Scripting Vulnerability

Archery is an open source vulnerability assessment and management tool that helps developers and penetration testers perform scans and manage vulnerabilities. A stored cross-site scripting vulnerability exists in the Vulnerability Scan Scheduling page in Archery versions prior to 1.3. An attacker...

5.4CVSS6.3AI score0.00761EPSS
Exploits1References1
Kitploit
Kitploit
added 2019/08/26 9:52 p.m.162 views

4CAN - Open Source Security Tool to Find Security Vulnerabilities in Modern Cars

Open Source Security Tool to Find Security Vulnerabilities in Modern Cars. hardware Tested on the following raspbian images using a pi3b+ Apr 2019 kernel 4.14.98-v7+ Oct 2018 kernel 4.14.71-v7+ Jun 2018 kernel 4.14.50-v7+ 4can should also work with a pi0w, but it's recommended to use at least a...

7.2AI score
Exploits0References2
The Hacker News
The Hacker News
added 2018/08/09 1:13 p.m.20 views

Free Facial Recognition Tool Can Track People Across Social Media Sites

Security researchers at Trustwave have released a new open-source tool that uses facial recognition technology to locate targets across numerous social media networks on a large scale. Dubbed Social Mapper, the facial recognition tool automatically searches for targets across eight social media...

0.2AI score
Exploits0
Talos Blog
Talos Blog
added 2018/04/13 7:0 a.m.24 views

Malware monitor - leveraging PyREBox for malware analysis

This post was authored by Xabier Ugarte Pedrero In July 2017 we released PyREBox, a Python Scriptable Reverse Engineering Sandbox as an open source tool. This project is part of our continuous effort to create new tools to improve our workflows. PyREBox is a versatile instrumentation framework...

0.3AI score
Exploits0
CNVD
CNVD
added 2018/01/03 12:0 a.m.4 views

Leafpub Cross-Site Scripting Vulnerability

Leafpub is an open source PHP and MySQL based code publishing tool . A cross-site scripting vulnerability exists in Leafpub version 1.2.0-beta6. A remote attacker can exploit this vulnerability to cause a denial of service and execute JavaScript code...

5.4CVSS6.6AI score0.00719EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/11/02 10:0 a.m.65 views

ATM Users May Soon Face More Malware

By: David Sancho, Senior Threat Researcher at Trend Micro and Juan Jesús León, Product and New Development Manager of GMV Secure e-Solutions Trend Micro and GMV - an industry expert on ATM security - presented last week in London, during ATMSec, a conference focused on the topic. Our presentation...

6.6AI score
Exploits0
Rows per page
Query Builder