29 matches found
EUVD-2014-5628
Malware in sbrugna...
EUVD-2023-51937
Malicious code in bioql PyPI...
EUVD-2022-45799
Malicious code in bioql PyPI...
Exploit for Improper Input Validation in Microsoft
CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnera...
Authentication flaw
This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters x00-x08 after the function will bypass these restriction...
iFunbox 4.2 - (Apple Mobile Device Service) Unquoted Service Path Vulnerability
Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23 Tested on: Window...
iFunbox 4.2 Unquoted Service Path
Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23...
QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path
Exploit Title: QNAP QVR Client 5.0.0.13230 - 'QVRService' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.qnap.com Tested Version: 5.0.0.13230 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover...
Deep Instinct Windows Agent 1.2.29.0 Unquoted Service Path
Exploit Title: Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path Discovery by: Oscar Flores Discovery Date: 2020-03-05 Vendor Homepage: https://www.deepinstinct.com/ Software Links :...
CVE-2017-3750
On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749...
Android security development of ZIP file directory traversal-vulnerability warning-the black bar safety net
ZIP compressed package file to allow the presence of“../”string, an attacker can carefully construct the ZIP file, use multiple“../”thereby changing the ZIP package to a file in the storage position, the cover to replace the application the original file. If the overwritten file is available. so...
Websense Email Security Heartbeat Information Disclosure (Heartbleed)
The version of Websense Email Security installed on the remote Windows host contains a bundled version of an OpenSSL DLL file. It is, therefore, affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbea...
[Ghost Phisher v1.5] GUI suite for phishing and penetration attacks
Ghost Phisher is an application of security which comes built-in with a fake DNS server ,DHCP server fake, fake HTTP Server and also has a space for the automatic capture and recording credentials HTTP method of the form to a database. The program could be used for on-demand service of DHCP, DNS,...
Websense Email Security Installed
Websense Email Security, an email security application, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69516; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/02/06";...
Sophos Web Protection Detection
Sophos Web Protection, a web security application, is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65873; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/05/24"; scriptnameenglish:"Sophos Web...
GTA UTM Firewall - Input Filter Bypass Vulnerability
Document Title: =============== GTA UTM Firewall - Input Filter Bypass Vulnerability References: =========== Download: http://www.vulnerability-lab.com/resources/videos/629.wmv View: http://www.youtube.com/watch?v=Aw3W2JQbjf8 Article: http://www.vulnerability-lab.com/getcontent.php?id=629 Advisor...
Ghost Phisher
Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honey pot,could be used t...
Symantec Mail Security Autonomy Verity Keyview Filter Vulnerabilities (SYM11-013)
The file attachment filter component included with the instance of Symantec Mail Security installed on the remote Windows host is reportedly affected by multiple buffer overflow vulnerabilities that can be triggered when handling attachments of various types. By sending an email with a specially...
CA Gateway Security Detection
Computer Associates Gateway Security, formerly Computer Associates Secure Content Management, a security application, is installed on the remote Windows host. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid55691; scriptversion"1.11";...
RSA Security Console Detection
The remote web server hosts RSA Security Console, which is used with RSA appliances to manage users and tokens, perform real-time authentication monitoring, log access, define password policies, etc. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid55508;...