Lucene search
K

431 matches found

Prion
Prion
added 2017/04/04 4:59 p.m.18 views

Default credentials

DISPUTED Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor...

1.9CVSS6.5AI score0.00361EPSS
Exploits1References2Affected Software1
Kitploit
Kitploit
added 2017/02/23 2:33 p.m.17 views

Lynis 2.4.3 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.4 views

Update for Windows 8.1 OOBE to upgrade to Windows 10

Update for Windows 8.1 OOBE to upgrade to Windows 10 About this update This update is for Windows 8.1 out-of-box experience OOBE. This update lets you start an immediate free upgrade to Windows 10 during the Windows 8.1 OOBE process. This update applies only to the Windows 8.1 OOBE process. It is...

5.9AI score
Exploits0
Veeam
Veeam
added 2016/10/06 12:0 a.m.25 views

Name of Backups Entry Does Not Match Job Name

Challenge The name of the backup job has been changed, causing entries found under the Backups node to no longer match their associated job. In the example screenshot above, the job was first run with the name "Backup Job 1," and after the initial run, the job was renamed to "DC Backup." The...

6.8AI score
Exploits0Affected Software1
Debian
Debian
added 2016/07/25 2:18 p.m.48 views

[SECURITY] [DSA 3628-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3628-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2016 https://www.debian.org/security/faq -...

7.8CVSS8.6AI score0.00787EPSS
Exploits1
Debian
Debian
added 2016/07/25 2:18 p.m.34 views

[SECURITY] [DSA 3628-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3628-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2016 https://www.debian.org/security/faq -...

7.2CVSS0.7AI score0.00787EPSS
Exploits1
The Hacker News
The Hacker News
added 2016/07/08 4:40 a.m.14 views

Facebook Messenger adds End-to-End Encryption (Optional) for Secret Conversations

Facebook has begun rolling out end-to-end encryption for its Messenger app, thus making its users' conversations completely private. The end-to-end encryption feature, dubbed "Secret Conversations," will allow Messenger users to send and receive messages in a way that no one, including the FBI wi...

6.5AI score
Exploits0
CNVD
CNVD
added 2016/05/27 12:0 a.m.2 views

SAP NetWeaver AS JAVA SQL Injection Vulnerability

SAP NetWeaver is an integrated, service-oriented application platform that provides a development and runtime environment for SAP applications.SAP NetWeaver AS Java is an application server that runs in NetWeaver and is based on the Java programming language. An SQL injection vulnerability exists...

7.9AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2016/05/16 10:59 a.m.44 views

CVE-2015-3152

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C aka libmysqlclient before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack...

5.9CVSS6.8AI score0.07083EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2016/04/08 12:0 a.m.22 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-431)

This update for java-170-openjdk fixes the following issues : java-170-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX...

9.3CVSS7.6AI score0.05765EPSS
Exploits0References2
OSV
OSV
added 2015/12/31 12:0 a.m.1 views

UBUNTU-CVE-2015-8838

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...

5.9CVSS6.9AI score0.01734EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2015/12/10 12:0 a.m.32 views

appRain 4.0.3 Cross Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: appRain 4.0.3 Fixed in: Fixed via Optional Module CSRF Protection Module http://www.apprain.com/extension/20/accounting-system?s Link: =Description Vendor Website: [email protected] Vulnerability Type: CSRF Remote...

0.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/10/29 12:0 a.m.7 views

The vulnerabilities of PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, allow attackers to execute arbitrary code.

The vulnerabilities of PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a malicious actor to...

9.3CVSS6.1AI score0.05995EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2015/10/14 11:59 p.m.18 views

CVE-2015-6688

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via ...

6.8CVSS7AI score0.05995EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/10/14 11:0 p.m.28 views

CVE-2015-6688

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via ...

7AI score0.05995EPSS
Exploits0References3
n0where
n0where
added 2015/10/13 6:36 p.m.16 views

PE Static Malware Analysis: PortEx

PortEx is a Java library for static malware analysis of portable executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading Header information from: MSDOS Header, COFF File Header,...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2015/04/19 7:52 p.m.12 views

Lynis 2.1.0 - Security Auditing Tool for Unix/Linux Systems

Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2015/03/10 5:0 p.m.16 views

RAWR - Rapid Assessment of Web Resources

Features A customizable CSV containing ordered information gathered for each host, with a field for making notes/etc. An elegant, searchable, JQuery-driven HTML report that shows screenshots, diagrams, and other information. A report on relevent security headers, courtesy of SmeegeSec. a CSV Thre...

6.8AI score
Exploits0References1
Exploit DB
Exploit DB
added 2014/12/22 12:0 a.m.29 views

x64 Linux bind TCP port shellcode 81 bytes, 96 with password

x64 Linux bind TCP port shellcode 81 bytes, 96 with password. Shellcode exploit for linx86-64 platform / Author: Sean Dillon Copyright: c 2014 CAaNES, LLC. http://caanes.com Release Date: December 19, 2014 Description: x64 Linux null-free TCP bind port shellcode, optional 4 byte password Assemble...

Exploits0
Exploit DB
Exploit DB
added 2014/12/22 12:0 a.m.27 views

x64 Linux reverse TCP connect 77 to 85 bytes, 90 to 98 with password

x64 Linux reverse TCP connect 77 to 85 bytes, 90 to 98 with password. Shellcode exploit for linx86-64 platform / Author: Sean Dillon Copyright: c 2014 CAaNES, LLC. http://caanes.com Release Date: December 19, 2014 Description: x64 Linux null-free reverse TCP shellcode, optional 4 byte password...

7.3AI score
Exploits0
Rows per page
Query Builder