Lucene search
K

7082 matches found

Cvelist
Cvelist
added 2021/03/10 2:10 a.m.21 views

CVE-2020-29238

An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request...

7.7AI score0.16652EPSS
Exploits3References4
CVE
CVE
added 2021/03/10 2:10 a.m.139 views

CVE-2020-29238

CVE-2020-29238 describes an integer buffer overflow in the Nginx webserver used by ExpressVPN Router firmware v1, when the server runs as a reverse proxy. The vulnerability allows remote attackers to cause information disclosure via specially crafted requests. Affected product is ExpressVPN Route...

7.5CVSS7.6AI score0.16652EPSS
Exploits3References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.17 views

EulerOS Virtualization 3.0.2.6 : ruby (EulerOS-SA-2021-1450)

According to the version of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled wit...

7.5CVSS7.3AI score0.03772EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/09 12:0 a.m.12 views

SAP Business Objects Business Intelligence Platform 输入验证错误漏洞

SAP Netweaver Application Server Java is part of the SAP NetWeaver Application Platform, which provides a complete infrastructure for deploying and running Java applications. A reverse tag phishing vulnerability exists in SAP Netweaver Application Server Java 7.00, 7.10, 7.11, 7.20, 7.30, 7.31,...

6.1CVSS5.6AI score0.00666EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/03/09 12:0 a.m.4 views

ExpressVPN Router 输入验证错误漏洞

ExpressVPN Router is a VPN router from ExpressVPN UK. It provides a protected network communication feature. ExpressVPN Router suffers from an input validation error vulnerability that originates from an integer buffer overflow in the Nginx web server, which can be exploited by an attacker to...

7.5CVSS7.6AI score0.16652EPSS
Exploits3References6
Exploit DB
Exploit DB
added 2021/03/09 12:0 a.m.261 views

Golden FTP Server 4.70 - 'PASS' Buffer Overflow (2)

Golden FTP Server 4.70 - 'PASS' Buffer Overflow 2 Author: 1F98D Original Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on Windows 10 x64 A buffer overflow exists in GoldenFTP during the authentication process. Note that the source ip address of the user performing the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/03/08 12:0 a.m.318 views

Hotel And Lodge Management System 1.0 Shell Upload

Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution Unauthenticated Date: 07-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/03/08 12:0 a.m.15 views

Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution Unauthenticated Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html Version: 1.0 Tested o...

0.1AI score
Exploits0
Snyk
Snyk
added 2021/03/07 11:42 a.m.2 views

Malicious Package

Overview rcenodejs is a malicious package. It uses a preinstall script to execute a reverse shell. Remediation Avoid using all malicious instances of the rcenodejs package. Credit: Snyk Research...

10CVSS7AI score
Exploits0References2
Kitploit
Kitploit
added 2021/03/07 11:30 a.m.44 views

packetStrider - A Network Packet Forensics Tool For SSH

packetStrider for SSH is a packet forensics tool that aims to provide valuable insight into the nature of SSH traffic, shining a light into the corners of SSH network traffic where golden nuggets of information previously lay in the dark. The problem that packet strider aims to help with AKA Why?...

6.6CVSS6.6AI score0.01533EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-1450)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.03772EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/03/03 7:12 p.m.43 views

Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow

Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow among others inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept PoC code dependency-confusion exploit that w...

7.2AI score
Exploits0References6
Gitee
Gitee
added 2021/03/03 1:35 p.m.6 views

vxhunter

This is an offensive tool for embedded device analysis. It is a toolset for VxWorks based embedded device analyses, specifically designed for analyzing VxWorks firmware. The toolset includes plugins written in Python for analyzing firmware loading address, fixing function names with symbol tables...

7AI score
Exploits0
0day.today
0day.today
added 2021/03/03 12:0 a.m.1684 views

AnyDesk 5.5.2 - Remote Code Execution Exploit

Exploit Title: AnyDesk 5.5.2 - Remote Code Execution Exploit Author: scryh Vendor Homepage: https://anydesk.com/en Version: 5.5.2 Tested on: Linux Walkthrough: https://devel0pment.de/?p=1881 !/usr/bin/env python import struct import socket import sys ip = '192.168.x.x' port = 50001 def...

9.8CVSS9.6AI score0.80551EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/03/03 12:0 a.m.407 views

AnyDesk 5.5.2 - Remote Code Execution

Exploit Title: AnyDesk 5.5.2 - Remote Code Execution Date: 09/06/20 Exploit Author: scryh Vendor Homepage: https://anydesk.com/en Version: 5.5.2 Tested on: Linux Walkthrough: https://devel0pment.de/?p=1881 !/usr/bin/env python import struct import socket import sys ip = '192.168.x.x' port = 50001...

7.4AI score
Exploits0
Gitee
Gitee
added 2021/03/02 10:7 p.m.4 views

nightmare

This repository is an open-source project for teaching binary exploitation and reverse engineering skills through a series of challenges. It is a collection of CTF Capture The Flag challenges designed to help learners develop their skills in exploiting binaries and reversing assembly code. The...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2021/02/26 11:30 a.m.46 views

OpenWifiPass - An Open Source Implementation Of Apple's Wi-Fi Password Sharing Protocol In Python

An open source implementation of the grantor role in Apple's Wi-Fi Password Sharing protocol. Disclaimer OpenWifiPass is experimental software and is the result of reverse engineering efforts by the Open Wireless Link project. The code serves solely documentary and educational purposes. It is...

6.8AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/02/25 12:0 a.m.18 views

Fedora: Security Advisory for radare2 (FEDORA-2021-e3c95619c1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.6AI score
Exploits0References2
Fedora
Fedora
added 2021/02/24 8:47 p.m.69 views

[SECURITY] Fedora 32 Update: radare2-5.1.1-1.fc32

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

7.5CVSS0.4AI score0.01819EPSS
Exploits2
Kitploit
Kitploit
added 2021/02/21 11:30 a.m.117 views

PE-Packer - A Simple Windows X86 PE File Packer Written In C And Microsoft Assembly

PE-Packer is a simple packer for Windows PE files. The new PE file after packing can obstruct the process of reverse engineering. It will do the following things when packing a PE file: Transforming the original import table. Encrypting sections. Clearing section names. Installing the shell-entry...

7.4AI score
Exploits0References2
Rows per page
Query Builder