CVE-2018-12716

The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scanresults JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its...

Unix / Linux Running Processes Information

Generated report details the running processes on the target machine at scan time. This plugin is informative only and could be used for forensic investigation, malware detection, and to confirm that your system processes conform to your system policies. TRUSTED...

Trend Micro OfficeScan Pool Corruption elevation of privilege vulnerability (CNVD-2018-16862)

Trend Micro OfficeScan provides protection against modern threats through anti-malware, ransomware protection, memory inspection, device control and and command and control C&C traffic. An elevation of privilege vulnerability exists in Trend Micro OfficeScan version 11.0 SP1 and XG. The...

CVE-2018-10359

A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first obtain the ability to...

CVE-2018-10506

A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. An attacker must first obtain t...

Open-Xchange: [SSRF] PDF documentconverterws

Hi. Previous report 260576 Example: F305199 /ppt/slides/rels/slide1.xml.rels: xml Result: F305196 Impact Scan network Read any file file:///home/example/test.odf...

BurpBounty - A Extension Of Burp Suite That Improve An Active And Passive Scanner

This extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue...

CVE-2018-11439

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

AZL-7380 CVE-2018-11439 affecting package taglib for versions less than 1.13.1-1

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

UBUNTU-CVE-2018-11439

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

Heap overflow

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

GyoiThon - A Growing Penetration Test Tool Using Machine Learning

GyoiThon is a growing penetration test tool using Machine Learning. GyoiThon identifies the software installed on web server OS, Middleware, Framework, CMS, etc... based on the learning data. After that, it executes valid exploits for the identified software using Metasploit. Finally, it generate...

Burpa - A Burp Suite Automation Tool

A Burp Suite Automation Tool With Slack Integration. Requirements burp-rest-api Burp Suite Professional slackclient Usage $ python burpa.py -h / / / / / / / / / / / // / // / / / // / // / /./,// / ./,/ // burpa version 0.1 / by 0x4D31 usage: burpa.py -h -a scan,proxy-config,stop -pP PROXYPORT...

Target Credential Issues by Authentication Protocol - No Issues Found

Valid credentials were provided for an authentication protocol on the remote target and Nessus did not log any subsequent errors or failures for the authentication protocol. When possible, Nessus tracks errors or failures related to otherwise valid credentials in order to highlight issues that ma...

UBUNTU-CVE-2018-10092

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads...

Design/Logic Flaw

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads...

CVE-2018-10092

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads...

K2 Smartforms 4.6.11 Server-Side Request Forgery

Vulnerability type: Server Side Request Forgery Vendor: https://www.k2.com/ Product: K2 Smartforms Affected version: 4.6.11 Credit: Foo Jong Meng CVE ID: CVE-2018-9920 DESCRIPTION: Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an...

Authenticated Scan / LSC Info Consolidation (Windows SMB Login)

Consolidation and reporting of various technical information about authenticated scans / local security checks LSC via SMB for Windows targets. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...

PII Information Removed From Scan Results

This plugin digs through known KB and scratchpad values which can contain personally identified information, and removes and replaces the keys and values with sanitized versions. Note that Tenable must be contacted to enable this feature. C Tenable Network Security, Inc. include"compat.inc"; if...