11967 matches found
Insecure Number Generator
libxslt.so is vulnerable to insecure number generation. The library does not use a random seed during random number generation which is not robust enough to withstand a cryptographic attack against it...
IOVLabs: DoS through PeerExplorer
Summary: The peer discovery implementation is vulnerable to a Denial of Service attack due to improper management of connections. Description: The two main files of interest in detailing this vulnerability are PeerExplorer.java and NodeChallengeManager.java. To explain the flow of execution I'll ...
Design/Logic Flaw
Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions =0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header...
Sharesniffer - Network Share Sniffer And Auto-Mounter For Crawling Remote File Systems
sharesniffer is a network analysis tool for finding open and closed file shares on your local network. It includes auto-network discovery and auto-mounting of any open cifs and nfs shares. How to use Example to find all hosts in 192.168.56.0/24 network and auto-mount at /mnt: python sniffshares.p...
Threat Outbreak Alert RuleID32845: Email Messages Distributing Malicious Software on May 29, 2018
Medium Alert ID: 57973 First Published: 2018 May 29 12:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32845 may contain the following files: Name | Size...
This Chrome extension reveals if your password has been breached
By Waqas Okta has introduced new password manager PassProtect in its latest, This is a post from HackRead.com Read the original post: This Chrome extension reveals if your password has been breached...
Joomla Full Social 1.1.0 SQL Injection
Exploit Title: Joomla! extension Full Social 1.1.0 - 'searchquery' SQL Injection Date: 2018-05-28 Exploit Author: L0RD or [email protected] Software Link: https://extensions.joomla.org/extension/full-social/ Vendor Homepage: https://www.joomlaextensions.co.in/ Version: 1.1.0 Tested on...
CVE-2018-11406: CSRF Token Fixation
More info at https://symfony.com/cve-2018-11406...
[SECURITY] Fedora 27 Update: procps-ng-3.3.10-16.fc27
The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch and pwdx. The ps command displays a snapshot of running processes. The top command provides a repetitive update of the...
Backdoors in D-Link’s backyard
"If you want to change the world, start with yourself." In the case of security research this can be rephrased to: "If you want to make the world safer, start with the smart things in your home." Or, to be more specific, start with your router – the core of any home network as well as an...
Buffer overflow
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsmadtap.c by fixing an off-by-one error that caused a buffer overflow...
CVE-2018-11245
app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes...
Vanilla: Vanilla SQL Injection Vulnerability
Summary: There is a SQL injection vulnerability in the vanilla, an attacker can use this vulnerability to obtain database information. Description: We download the program from https://github.com/vanilla/vanilla and install. In applications/dashboard/controllers/class.profilecontroller.php:274 ph...
Intelbras NCLOUD 300 1.0 - Authentication bypass Exploit
Exploit for hardware platform in category web applications coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - email protected Vendor Homepage: http://www.intelbras.com.br/ Software Link:...
asc-shop.de XSS vulnerability
Open Bug Bounty ID: OBB-617091 Description| Value ---|--- Affected Website:| asc-shop.de Open Bug Bounty Program:| View Open Bug Bounty Program Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A...
Cache poisoning and other dirty tricks
by @bo0om, Wallarm Research Caching is a great technology practice. It makes life better for everybody — clients get the data faster, servers expend fewer resources and so on. There is even a whole CDN industry that was built to deliver caching as a service. There are many examples of caching...
HackerOne: Information disclosure
Summary: Chaining few simple informative issues on HackerOne platform and applying new method of timing attack, exploiting interesting feature in HTML5 https://developer.mozilla.org/en-US/docs/Web/API/ResourceTimingAPI/UsingtheResourceTimingAPI more precise Copy with CORSwe can perform low cost,...
findprice.com.tw XSS vulnerability
Open Bug Bounty ID: OBB-610614 Description| Value ---|--- Affected Website:| findprice.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2018-10571
Multiple reflected cross-site scripting XSS vulnerabilities in OpenEMR before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 patient parameter to interface/main/finder/findernavigation.php; 2 key parameter to interface/billing/getclaimfile.php; 3 formid or 4 formseq...
perpustakaan.undiksha.ac.id XSS vulnerability
Open Bug Bounty ID: OBB-607581 Description| Value ---|--- Affected Website:| perpustakaan.undiksha.ac.id Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...