Lucene search
K

7082 matches found

Tenable Nessus
Tenable Nessus
added 2020/08/06 12:0 a.m.54 views

Ubuntu 16.04 LTS : Tomcat vulnerabilities (USN-4448-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4448-1 advisory. It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause...

7.5CVSS8AI score0.87553EPSS
Exploits16References4
Kitploit
Kitploit
added 2020/08/05 9:30 p.m.48 views

UEFI_RETool - A Tool For UEFI Firmware Reverse Engineering

A tool for UEFIfirmware reverse engineering. UEFI firmware analysis withuefiretool.py script Usage: Copy idaplugin/uefianalyser.py script and idaplugin/uefianalyser directory to IDA plugins directory Edit config.json file PEDIR is a directory that contains all executable images from the UEFI...

7.1AI score
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/08/04 11:18 a.m.5 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

5.8CVSS6.8AI score0.09386EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/08/04 11:17 a.m.4 views

tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...

5.8CVSS6.8AI score0.09386EPSS
Exploits0References7
FireEye
FireEye
added 2020/08/04 12:0 a.m.15 views

Announcing the Seventh Annual Flare-On Challenge

The Front Line Applied Research & Expertise FLARE team is honored to announce that the popular Flare-On challenge will return for a triumphant seventh year. Ongoing global events proved no match against our passion for creating challenging and fun puzzles to test and hone the skills of aspiring a...

7.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/08/04 12:0 a.m.52 views

Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-4446-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4446-1 advisory. Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform...

9.8CVSS6.8AI score0.0918EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2020/08/03 12:0 a.m.146 views

OpenEMR 5.0.1 Remote Code Execution

!/usr/bin/env ruby Title: OpenEMR --shell --user --password --debug FILE semi-auto --root-url --user --password --payload --lhost --lport --debug FILE auto --root-url --user --password --lhost --lport --debug FILE -H | --help Options: -r , --root-url Root URL base path including HTTP scheme, port...

Exploits0
0day.today
0day.today
added 2020/08/03 12:0 a.m.268 views

CloudMe 1.11.2 SEH Buffer Overflow Exploit

import socket import sys target = "127.0.0.1" Written by : lutzenfried Clement Cruchet Exploiting CloudMe 1.11.2 Publisher : CloudMe AB Windows x64 10.0.18362 Build 18362 Buffer Overflow using SEH overwritten technic POP POP RET Exploit for CVE-2018-6892 Technical information used for exploit...

9.8CVSS0.4AI score0.93597EPSS
Exploits29
0day.today
0day.today
added 2020/08/03 12:0 a.m.182 views

OpenEMR 5.0.1 Remote Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/env ruby Title: OpenEMR --shell --user --password --debug FILE semi-auto --root-url --user --password --payload --lhost --lport --debug FILE auto --root-url --user --password --lhost --lport --debug FILE -H | --help Options: -r ,...

7.1AI score
Exploits0
Oracle linux
Oracle linux
added 2020/07/30 12:0 a.m.651 views

kernel security and bug fix update

4.18.0-193.14.32.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x6...

8.2CVSS0.01314EPSS
Exploits0
Kitploit
Kitploit
added 2020/07/28 10:0 p.m.63 views

SNOWCRASH - A Polyglot Payload Generator

A polyglot payload generator Introduction SNOWCRASH creates a script that can be launched on both Linux and Windows machines. Payload selected by the user in this case combined Bash and Powershell code is embedded into a single polyglot template, which is platform-agnostic. There are few payloads...

7.5AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2020/07/28 4:55 p.m.76 views

TikTok is being discouraged and the app may be banned

In recent news retail giant Amazon sent a memo to employees telling them to delete the popular social media app TikTok from their phones. In the memo it stated that the app would pose a security risk without going into details. Later the memo was withdrawn without an explanation except that it wa...

6.6AI score
Exploits0
0day.today
0day.today
added 2020/07/27 12:0 a.m.635 views

pfSense 2.4.4-p3 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freeb...

6.8CVSS0.54541EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.276 views

pfSense 2.4.4-p3 Cross Site Request Forgery

Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Date: 2019-09-27 Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freebsd CVE : CVE-2019-16667 Vulnerability...

6.8CVSS0.5AI score0.54541EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.156 views

docPrint Pro 8.0 Buffer Overflow

Exploit Title: docPrint Pro 8.0 - 'Add URL' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe Version: 8.0 Vulnerability Type: Local Buffer Overflow Tested on: Windows 7 32-bi...

1.3AI score
Exploits0
Exploit DB
Exploit DB
added 2020/07/26 12:0 a.m.257 views

pfSense 2.4.4-p3 - Cross-Site Request Forgery

Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Date: 2019-09-27 Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freebsd CVE : CVE-2019-16667 Vulnerability...

8.8CVSS8.8AI score0.54541EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/07/25 12:0 a.m.122 views

Frigate Professional 3.36.0.9 Local Buffer Overflow

Exploit Title: Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow SEH Egghunter Date: 2020-07-24 Exploit Author: MasterVlad Vendor Homepage: http://www.frigate3.com/ Software Link: http://www.frigate3.com/download/frigate3pro.exe Version: 3.36.0.9 Vulnerability Type: Local Buffer Overflo...

0.9AI score
Exploits0
0day.today
0day.today
added 2020/07/23 12:0 a.m.711 views

Online Book Store 1.0 Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/env python3 Exploit Title: Online Book Store 1.0 - Unauthenticated Remote Code Execution modified by cesgami Exploit Author: Tib3rius Vendor Homepage:...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2020/07/22 8:36 a.m.124 views

Exploit for Open Redirect in Kubernetes

Kubernetes CVE-2020-8559 Proof of Concept PoC Exploit This...

6.8CVSS7.5AI score0.061EPSS
Exploits3
Securelist
Securelist
added 2020/07/21 10:0 a.m.24 views

GReAT thoughts: Awesome IDA Pro plugins

The Global Research & Analysis Team here at Kaspersky has a tradition of meeting up once a month and sharing cutting-edge research, interesting techniques and useful tools. We recently took the unprecedented decision to make our internal meetings public for a few months and present them as a seri...

7.1AI score
Exploits0
Rows per page
Query Builder