11967 matches found

Fedora
added 2017/11/14 2:1 a.m., 36 views

[SECURITY] Fedora 26 Update: kernel-4.13.12-200.fc26

The kernel meta package...

7.2 CVSS, 2.4 AI score, 0.004 EPSS
Exploits: 0

CVE
added 2017/11/13 3:0 p.m., 35 views

CVE-2012-2456

CVE-2012-2456 is rejected/not used and does not represent an active vulnerability entry.

6.7 AI score
Exploits: 0

Fedora
added 2017/11/11 1:54 p.m., 51 views

[SECURITY] Fedora 27 Update: kernel-4.13.11-300.fc27

The kernel meta package...

5.5 CVSS, 2.4 AI score, 0.00455 EPSS
Exploits: 0

Hacker One
added 2017/11/10 12:51 a.m., 68 views

Bitwarden: Vulnerable exported broadcast receiver

Good evening, This is actually in your code base this time. : Since the following broadcast receiver has export=true it can be exploited by 3rd parties. Vulnerability com.x8bit.bitwarden.PackageReplacedReceiver has exported set to true making the receiver vulnerable to tampering. F238236 POC I wa...

6.6 AI score
Exploits: 0

The Coalfire Blog
added 2017/11/06 11:9 p.m., 17 views

News and Updates from the PCI Europe Community Meeting

In September, Hurricane Irma forced the PCI SSC to cancel the North America Community Meeting; and the uncertainty of Catalonian independence from Spain may have led some to stay home from the Europe Community Meeting held in Barcelona last week. Nevertheless, the Coalfire team was well-represent...

0.9 AI score
Exploits: 0

Hacker One
added 2017/11/06 7:54 p.m., 21 views

BOHEMIA INTERACTIVE a.s.: 217.147.95.145 NFS Exposed with Zeus Server configs

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Description:...

Exploits: 0

Openbugbounty
added 2017/11/02 11:52 a.m., 8 views

phuketraceweek.com XSS vulnerability

Open Bug Bounty ID: OBB-388217

Description| Value
---|---
Affected Website:| phuketraceweek.com
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide:| OWASP XSS Prevention Chea...

6.4 AI score
Exploits: 0

Tenable Nessus
added 2017/10/26 12:0 a.m., 38 views

openSUSE Security Update : freeradius-server (openSUSE-2017-1192)

This update for freeradius-server fixes the following issues : Fix a number of security issues found via fuzzing by Guido Vranken See http://freeradius.org/security/fuzzer-2017.html for details. boo1049086 - CVE-2017-10987 / FR-GV-304: DHCP - Buffer over-read in frdhcpdecodesuboptions -...

9.8 CVSS, 7.9 AI score, 0.18318 EPSS
Exploits: 0, References: 8

Exploit DB
added 2017/10/22 12:0 a.m., 59 views

WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)

Exploit Title :WordPress Polls plugin1.2.4 SQL Injection vulnerability Vulnerable version:Download Link : https://downloads.wordpress.org/plugin/polls-widget.1.2.4.zip //////////////////////// /// Overview: //////////////////////// WordPress Polls plugin is a tool for creating polls and survey...

7.4 AI score
Exploits: 0

exploitpack
added 2017/10/19 12:0 a.m., 46 views

Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection

Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-WINDOWS-GAME-DEFINITION-FILE-MAKER-v6.3.9600-XML-EXTERNAL-ENTITY.txt + ISR: ApparitionSec...

7.8 AI score
Exploits: 0

UbuntuCve
added 2017/10/18 9:29 p.m., 20 views

CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...

7.5 CVSS, 7.3 AI score, 0.01648 EPSS
Exploits: 1, References: 4

Openbugbounty
added 2017/10/17 9:45 p.m., 9 views

biblioteca.spda.org.pe XSS vulnerability

Vulnerable URL: http://biblioteca.spda.org.pe/biblioteca/catalogo//buscar.php?search="'--!...

6.9 AI score
Exploits: 0

Tenable Nessus
added 2017/10/17 12:0 a.m., 291 views

ONVIF Device Services

Nessus was able to map the enabled ONVIF services on the remote device by sending a GetCapabilities SOAP request. include"compat.inc"; if description scriptid103866; scriptversion"$Revision: 1.2 $"; scriptcvsdate"$Date: 2017/10/31 18:41:24 $"; scriptnameenglish:"ONVIF Device Services";...

5.5 AI score
Exploits: 0, References: 1

ossfuzz
added 2017/10/13 8:7 p.m., 21 views

open62541/fuzz_binary_message: Crash in UA_SecureChannel_processChunk

Project: https://github.com/open62541/open62541.git Detailed report: https://oss-fuzz.com/testcase?key=6734765949452288 Project: open62541 Fuzzer: libFuzzeropen62541fuzzbinarymessage Fuzz target binary: fuzzbinarymessage Job Type: libfuzzerubsanopen62541 Platform Id: linux Crash Type: UNKNOWN REA...

6.7 AI score
Exploits: 0, Affected Software: 1

Exploit DB
added 2017/10/12 12:0 a.m., 38 views

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)

Linux/x86 - execve/bin/sh Polymorphic Shellcode 30 bytes. Shellcode exploit for Linx86 platform / Title: Linux/x86 - Polymorphic execve /bin/sh x86 shellcode - 30 bytes Author: Manuel Mancera @sinkmanu Tested on: Linux 3.16.0-4-586 1 Debian 3.16.43-2+deb8u2 2017-06-26 i686 GNU/Linux...

0.2 AI score
Exploits: 0

NVD
added 2017/10/11 1:32 a.m., 15 views

CVE-2017-15194

include/globalsession.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page...

6.1 CVSS, 5.9 AI score, 0.0107 EPSS
Exploits: 1, References: 3

OpenVAS
added 2017/10/09 12:0 a.m., 19 views

Apache OpenMeetings Web Services Detection

This host is running Apache OpenMeetings, a software used for presenting, online training, web conferencing, collaborative whiteboard drawing and document editing, and user desktop sharing. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced...

7.3 AI score
Exploits: 0, References: 1

Hacker One
added 2017/10/03 7:32 a.m., 18 views

Paragon Initiative Enterprises: CSRF token does not valided during blog comment

SUMMARY ================= I tested that all POST requests have a CSRF token. During Author profile creation a CSRF token is also posted. Now when I removed this CSRF token, it shows an error like below: CSRF validation failed 0 /var/www/csprng/src/Cabin/Bridge/Controller/Author.php52:...

7.1 AI score
Exploits: 0

Openbugbounty
added 2017/10/02 11:31 p.m., 12 views

isosolved.com XSS vulnerability

Vulnerable URL: http://www.isosolved.com/default.asp?msg="'--!alert/Y4R4G/...

6.9 AI score
Exploits: 0

Exploit DB
added 2017/10/02 12:0 a.m., 453 views

Dnsmasq < 2.78 - Information Leak

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html Sadly, there are no easy docker setup instructions available. Setup a simple network with...

5.9 CVSS, 9.3 AI score, 0.67549 EPSS
Exploits: 5