218 matches found
bellperson (>=0.3.4 <=0.15.0), ff-cl-gen (>=0.1.0 <=0.3.0) +10 more potentially affected by CVE-2021-25908 via fil-ocl (=0.19.6)
fil-ocl CARGO version =0.19.6 is affected by a known vulnerability. The following packages have a transitive dependency on fil-ocl and may be impacted: - bellperson =0.3.4, =0.1.0, =5.0.0, =5.0.0, =2.3.0, =0.1.0, =0.1.0, =5.0.0, =5.4.0, =5.0.0, =5.0.0, =0.1.1, =0.1.2 Source cves: CVE-2021-25908...
Ethereum Go-ethereum 资源管理错误漏洞
Ethereum Go-ethereum is a codebase from the Ethereum community that implements the ethereum protocol in the Go language. A security vulnerability exists in Ethereum Go-ethereum versions prior to 1.9.25, which stems from a denial of service vulnerability that can crash the LES server via a malicio...
pocsuite
This is a Python-based framework for remote vulnerability testing and proof-of-concept development, known as Pocsuite. It is developed by the Knownsec Security Team and comes with a powerful proof-of-concept engine, many niche features for penetration testers and security researchers. The framewo...
CVE-2017-12842
Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in situations where an...
Exploit for Improper Certificate Validation in Microsoft
Awesome-CVE-2020-0601 ✔ !Awesomehttps://cdn.rawgit.com/si...
What Are Zero-Knowledge Proofs?
How do you make blockchain and other transactions truly private? With mathematical models known as zero-knowledge proofs...
CVE-2018-15805
creationtimestamp| type| source ---|---|--- 2018-11-13 14:25:54+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/2023 2023-06-09 14:01:37+00:00| published-proof-of-concept| https://t.me/GhostPrincess/12197 2024-05-12 12:35:21+00:00| published-proof-of-concept|...
exploit-database
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...
A Typo in Zerocoin's Source Code helped Hackers Steal ZCoins worth $585,000
Are you a programmer? If yes, then you would know the actual pain of... "forgetting a semicolon," the hide and seek champion since 1958. Typos annoy everyone. Remember how a hacker's typo stopped the biggest bank heist in the history, saved $1 billion of Bangladesh bank from getting stolen. But...
Bitcoin Creator Has Finally Unmasked Himself. Maybe, Real?
The mysterious creator of the BITCOIN digital cryptocurrency seems to have been identified as an Australian entrepreneur, and his name is: Craig Steven Wright. Five months after Wright, an Australian computer scientist and businessman was outed as Satoshi Nakamoto, revealed himself as the origina...
Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit
No description provided by source. !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI...
minibb 2.2 (css/sql/fpd) Multiple Vulnerabilities
No description provided by source. Author: GiReX Homepage: girex.altervista.org Date: 21/04/2008 CMS: miniBB 2.2 and maybe prior Site: minibb.net Bug 1: Full Path Disclosure Bug 2: Cross Site Scripting Bug 3: Remote SQL Injection Need: registerglobals = On ---------------------------------------...
Zoom X4 / X5 SQL Injection / Authentication Bypass Vulnerabilities
Zoom X4 and X5 modems suffers from authentication bypass and remote SQL injection vulnerabilities. Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3...
Exclusive Report : Is Department of Defense (DoD), Pentagon, NASA, NSA is Secure ?
Exclusive Report : Is Department of Defense DoD, Pentagon, NASA, NSA is Secure ? Over the past couple of weeks there has been a series of discussions around why the U.S defense and Intelligence agencies are moving so quickly to adopt cloud computing. Are there any Security Holes in their Security...
Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities
Plesk Small Business Manager 10.2.0 and Site Editor - Multiple Vulnerabilities XSS + SQL Injection in Plesk Small Business Manager 10.2 + Site Editor Vendor: Plesk Small Business Manager 10.2 + Site Editor Product Description URL http://www.parallels.com/products/small-business-panel/ Date:...
Accellion Secure File Transfer Appliance - Multiple Command Restriction / Privilege Escalations
source: https://www.securityfocus.com/bid/38176/info Accellion File Transfer Appliance is prone to multiple remote vulnerabilities, including: - Multiple privilege-escalation issues - A directory-traversal issue - An HTML-injection issue - A remote command-injection issue An attacker may leverage...
MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement' <= v-0.3 (com_bsadv)-->
------------------------------------------------------------------------------------------------------------ MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement' = v-0.3 combsadv--...
[Full-Disclosure] Turbo Traffic Trader Nitro v1.0 SQL Injection & XSS Proofs of Concept
+-----------------------------------------------------------------------+ | Turbo Traffic Trader Nitro v1.0 SQL Injection & XSS Proofs of Concept | | By aCiDBiTS [email protected] 10-Oct-2004 | +-----------------------------------------------------------------------+ Your web application needs a...