
11967 matches found

NVD
added 2017/07/23 3:29 a.m., 24 views

CVE-2017-11543

tcpdump 4.9.0 has a buffer overflow in the sliplinkprint function in print-sl.c...

CVSS 9.8, AI score 9.7, EPSS 0.06196
Exploits 1, References 7

Hacker One
added 2017/07/21 1:46 a.m., 27 views

Unikrn: Flash CSRF: Update Ad Frequency %: [cp-ng.pinion.gg]

Description: ----------- Attacker can update the user's Ad Frequency % using flash + 307 redirect trick by making post request to particular endpoint. Step To Reproduce: ----------- + Get logged at: https://cp-ng.pinion.gg + Visit: http://geekboy.ninja/poc/freq.swf + Ad Frequency should be update...

AI score 7.1
Exploits 0

OpenVAS
added 2017/07/19 12:0 a.m., 11 views

ManageEngine Firewall Analyzer Detection (HTTP)

HTTP based detection of ManageEngine Firewall Analyzer. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

AI score 7.1
Exploits 0

Exploit DB
added 2017/07/16 12:0 a.m., 153 views

Orangescrum 1.6.1 - Multiple Vulnerabilities

Exploit Title: Orangescrum 1.6.1 Multiple Vulnerabilities Google Dork: NA Date: July 9 2017 Exploit Author: [email protected] Author blog : cupuzone.wordpress.com Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/free-download Version: 1.6.1 Tested on:...

AI score 7.4
Exploits 0

Packet Storm
added 2017/07/12 12:0 a.m., 31 views

RaidenHTTPD 2.0.44 User-Agent Cross Site Scripting

Exploit Title: RaidenHTTPD 2.0.44 - User-Agent - HTML Injection & Cross-site scripting Exploit Author: sultan albalawi :@bofheaded :https://hackinguyz.blogspot.com/ exploit User-Agent HTTP header : For remote testing use http-live -There is no need to use the script alertdocument.cookiewxo3i...

AI score 7.4
Exploits 0

0day.today
added 2017/07/11 12:0 a.m., 51 views

Schneider Electric Pelco VideoXpert Core Admin Portal Directory Traversal Vulnerability

Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server. Schneider Electric Pelco VideoXpert Core Admin Portal Directory Traversal Vendor: Schneider Electric SE...

AI score 7.2
Exploits 0

Openbugbounty
added 2017/07/03 2:36 a.m., 8 views

sammler.com XSS vulnerability

Vulnerable URL: http://www.sammler.com/coins/valuablecoinsatebay.asp?land=Europe=1"...

AI score 6.9
Exploits 0

Tenable Nessus
added 2017/07/03 12:0 a.m., 47 views

Fedora 25 : libmtp (2017-4c57da6642)

libmtp 1.1.13 ============= Christophe Vu-Brugier 1 : - added GoPro HERO5 Black Emeric Grange 2 : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope 2 : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang 1 : - Update Google device strings, add PTP+ADB id Marcu...

CVSS 6.8, AI score 6.4, EPSS 0.00855
Exploits 0, References 4

Openbugbounty
added 2017/07/02 1:32 p.m., 12 views

shop.bcs.org XSS vulnerability

Vulnerable URL: http://shop.bcs.org/display.asp?contrast=2size=3=9781780172774=1"...

AI score 6.9
Exploits 0

Openbugbounty
added 2017/07/02 1:32 p.m., 7 views

scgames.bauer.uh.edu XSS vulnerability

Vulnerable URL: http://scgames.bauer.uh.edu/scmorderplot.asp?game=1"...

AI score 6.9
Exploits 0

myhack58
added 2017/06/30 12:0 a.m., 43 views

JapsPer pointer undefined vulnerability analysis-vulnerability warning-the black bar safety net

0×01: introduction JapsPer project is an open source project, it provides a method based on the jpeg-2000 part of the standard. This project was originally developed by Image Power and University of British Columbia collaboration. Currently, the ongoing JapsPer software maintenance and developmen...

AI score 0.3
Exploits 0

Friends Of PHP
added 2017/06/28 2:13 p.m., 13 views

Invalid token creation and validation

More info at https://simplesamlphp.org/security/201708-01...

CVSS 5.9, AI score 7.2, EPSS 0.0125
Exploits 0, Affected Software 1

Schneier on Security
added 2017/06/27 6:38 p.m., 18 views

Article on the DAO Ethereum Hack

This is good...

AI score 7.1
Exploits 0

Vulnerability Lab
added 2017/06/20 12:0 a.m., 43 views

PayPal Inc BB #149 - (Gift) Insufficient Authentication

Document Title: =============== PayPal Inc BB 149 - Gift Insufficient Authentication References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1973 ID EIBBP-34368 Release Date: ============= 2017-06-20 Vulnerability Laboratory ID VL-ID:...

AI score 7.4
Exploits 0

The Hacker News
added 2017/06/19 5:27 a.m., 17 views

Database of Over 198 Million U.S. Voters Left Exposed On Unsecured Server

Information on more than 198 Million United States citizens, that's over 60% of the US population, was exposed in what's believed to be the largest ever known exposure of voter-related to date. This blunder was caused by Deep Root Analytics DRA, a data analytics firm employed by the US Republican...

AI score 6.5
Exploits 0

Hacker One
added 2017/06/17 10:3 a.m., 27 views

Yelp: Firefly's verify_access_token() function does a byte-by-byte comparison of HMAC values.

Dear Yelp bug bounty team, Summary --- Firefly is vulnerable to timing attacks, because the verifyaccesstoken function performs a byte-by-byte comparison, which terminates early when two characters do not match. Timing attacks are a type of side channel attack where one can discover valuable...

AI score 0.4
Exploits 0

ThreatPost
added 2017/06/16 12:0 p.m., 138 views

On Microsoft's XP Patches, Hidden Cobra, MacRansom, and More

Mike Mimoso and Chris Brook discuss the news of the week, including Microsoft’s XP patches, Hidden Cobra, a Nigerian BEC campaign, MacRansom, and more. Download: ThreatpostNewsWrapJune162017.mp3 Music by Chris Gonslaves...

CVSS 9.3, AI score 2.4, EPSS 0.99945
Exploits 33, References 3

Openbugbounty
added 2017/06/15 5:1 p.m., 8 views

catalog.trimblelibrary.org XSS vulnerability

Vulnerable URL: http://catalog.trimblelibrary.org/TLCScripts/interpac.dll?SearchForm=1=pac=,0,%3C!%27/!%22/!%27/%22/--!%3E%3CInput/Autofocus%20/;%20Onfocus=alert'OPENBUGBOUNTY'//%3E%3CSvg%3E= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:|...

AI score 6.3
Exploits 0

0day.today
added 2017/06/15 12:0 a.m., 28 views

Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes)

;Title: Linux/x86 - 66 byte - execve/bin/sh - setuid0 - setgid0 - XOR encrypted ;Author: nullparasite ;Contact: email protected ;Category: Shellcode ;Architecture: Linux x86 ;Description: This shellcode, first set uid and gid to zero then call shell using execve. Also, /bin/sh defined as a XOR...

AI score 7.1
Exploits 0

Kitploit
added 2017/06/13 10:12 p.m., 56 views

Hashcat v3.6.0 - World's Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...

AI score 7.5
Exploits 0