Lucene search
K

11967 matches found

Cvelist
Cvelist
added 2017/05/11 2:1 p.m.8 views

CVE-2013-6540

...

Exploits0
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.13 views

CVE-2015-7129

...

Exploits0
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.11 views

CVE-2016-3328

...

Exploits0
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.11 views

CVE-2006-1170

...

Exploits0
ICS
ICS
added 2017/05/09 12:0 a.m.43 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update J)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...

7.1CVSS6.7AI score0.01149EPSS
Exploits0References80
Symantec
Symantec
added 2017/05/09 12:0 a.m.44 views

Microsoft Windows SMB Server CVE-2017-0269 Remote Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...

4.3CVSS0.3AI score0.06465EPSS
Exploits0Affected Software2
Openbugbounty
Openbugbounty
added 2017/05/07 1:20 p.m.11 views

sid.southampton.gov.uk XSS vulnerability

Vulnerable URL: http://sid.southampton.gov.uk/kb5/southampton/directory/results.action?qt==day+services=distance=0=1=180=10=ADD="...

6.9AI score
Exploits0
Prion
Prion
added 2017/05/07 8:29 a.m.21 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9865. Reason: This candidate is a reservation duplicate of CVE-2016-9865. Notes: All CVE users should reference CVE-2016-9865 instead of this candidate. All references and descriptions in this candidate have been removed to...

9.3AI score0.02267EPSS
Exploits0
Kitploit
Kitploit
added 2017/05/03 2:28 p.m.19 views

Web Exploit Detector - Tool To Detect Possible Infections, Malicious Code And Suspicious Files In Web Hosting Environments

The Web Exploit Detector is a Node.js application and NPM module used to detect possible infections, malicious code and suspicious files in web hosting environments. This application is intended to be run on web servers hosting one or more websites. Running the application will generate a list of...

6.5AI score
Exploits0References1
Packet Storm
Packet Storm
added 2017/05/03 12:0 a.m.36 views

Serviio PRO 1.8 DLNA Media Streaming Server (mediabrowser) XSS

Serviio PRO 1.8 DLNA Media Streaming Server mediabrowser DOM Based XSS Vendor: Petr Nejedly | Six Lines Ltd Product web page: http://www.serviio.org Affected version: 1.8.0.0 PRO, 1.7.1, 1.7.0, 1.6.1 Summary: Serviio is a free media server. It allows you to stream your media files music, video or...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2017/04/29 12:0 a.m.367 views

Ghostscript remote code execution (CVE-2017-8291) (ghostbutt)

No description provided by source. %!PS-Adobe-3.0 EPSF-3.0 %%BoundingBox: -0 -0 100 100 /sizefrom 10000 def /sizestep 500 def /sizeto 65000 def /enlarge 1000 def %/bigarr 65000 array def 0 sizefrom sizestep sizeto pop 1 add for /buffercount exch def /buffersizes buffercount array def 0 sizefrom...

6.8CVSS7.9AI score0.96968EPSS
Exploits7
Veracode
Veracode
added 2017/04/27 2:21 a.m.25 views

Input Validation Bypass

Apache Hadoop HDFS is vulnerable to input validation bypass. The attack is possible because it does not correctly handle the validation of the input to NameNode when it is sent as a query parameter during the interaction of the HDFS client with the DataNode in the HDFS namespace browsing. A user...

7.5CVSS7.1AI score0.062EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2017/04/24 12:0 a.m.34 views

Chrome Universal XSS using exceptions thrown from Object.observe (CVE-2015-1304)

VULNERABILITY DETAILS From /v8/src/object-observe.js: function ObjectObserveobject, callback, acceptList ... var objectObserveFn = %GetObjectContextObjectObserveobject; return objectObserveFnobject, callback, acceptList; From /v8/src/runtime/runtime-observe.cc:...

7.5CVSS9.1AI score0.01757EPSS
Exploits1
hackapp
hackapp
added 2017/04/17 10:46 a.m.17 views

exyuTV - Dynamic Code Loading, External URLs, Possible privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application exyuTV published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2017/04/17 12:0 a.m.29 views

PHPCMS V9 arbitrary file download Windows

A, background Arbitrary File Download vulnerability and the PHPCMS v9. 6. 0 wap module SQL injection on in the same file, but the trigger point in the download function. Second, the details 漏洞文件在phpcms\modules\content\down.php vulnerability to trigger the function: php public function download th...

8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/04/13 12:0 a.m.38 views

Asterisk 13.13 < 13.13-cert3 / 13.x < 13.14.1 / 14.x < 14.3.1 CDR user Field RCE (AST-2017-001)

According to its SIP banner, the version of Asterisk running on the remote host is 13.13 prior to 13.13-cert3, 13.x prior to 13.14.1, or 14.x prior to 14.3.1. Is it, therefore, affected by a buffer overflow condition due to a failure to check the size when setting the user field on a CDR. An...

8.8CVSS8.2AI score0.06243EPSS
Exploits0References2
0day.today
0day.today
added 2017/04/12 12:0 a.m.65 views

Apple WebKit - Document::adoptNode Use-After-Free Exploit

Exploit for multiple platform in category dos / poc var s = document.body.appendChilddocument.createElement'script'; s.type = '0'; s.textContent = 'document.body.appendChildparent.i0'; var i0 = s.appendChilddocument.createElement'iframe'; s.type = ''; var f =...

6.8CVSS8.3AI score0.0779EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/04/12 12:0 a.m.67 views

Solaris 7 &lt; 11 (SPARC/x86) - &#039;EXTREMEPARR&#039; dtappgather Privilege Escalation

!/bin/ksh Exploit PoC reverse engineered from EXTREMEPARR which provides local root on Solaris 7 - 11 x86 & SPARC. Uses a environment variable of setuid binary dtappgather to manipulate file permissions and create a user owned directory anywhere on the system as root. Can then add a shared object...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/09 12:0 a.m.62 views

WebKit ComposedTreeIterator::traverseNextInShadowTree Use-After-Free

WebKit: ComposedTreeIterator::traverseNextInShadowTree use-after-free CVE-2017-2466 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on a nightly version of WebKit. The PoC has also been observed to crash Safari 10.0.2 on Mac. PoC:...

6.8CVSS0.0687EPSS
Exploits3
Kitploit
Kitploit
added 2017/04/07 2:30 p.m.94 views

oletools - Tools to analyze MS OLE2 files and MS Office documents, for malware analysis, forensics and debugging

oletools is a package of python tools to analyze Microsoft OLE2 files also called Structured Storage, Compound File Binary Format or Compound Document File Format, such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on the...

7.2AI score
Exploits0References20
Rows per page
Query Builder