Unskilled Pro-ISIS Hackers A Growing Threat
Hackers sympathetic to ISIS may lack the funding and talent of government-sponsored hackers, but they merit attention because of their promotion of physical violence and ability to incite others via social media to target individuals or groups. A report today by security company Flashpoint points...
AWS CAPTCHA Bypass
The process of AWS login has a feature: if you use a "fresh" browser (no cookie, no cache, etc.) to sign in and put the correct email and correct password there, CAPTCHA is required: "To better protect your account, please re-enter your password and then enter the characters as they are shown in the image below...
RomPager 4.34 Authentication Bypass
Title: Misfortune Cookie Exploit RomPager = 4.34 router authentication remover Date: 17/4/2016 CVE: CVE-2015-9222 http://mis.fortunecook.ie Vendors: ZyXEL,TP-Link,D-Link,Nilox,Billion,ZTE,AirLive,... Vulnerable models: http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf Versions...
Solaris 8 (x86) : 152098-53
JavaSE 7x86: update 151 patch equivalent to JDK 7u151. Date this patch was last updated by Sun : Jul/17/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
HackerOne: Reputation Manipulation (Theoretical)
Hi, I really would appreciate it if you are transparent with this and do not close the bug quickly as N/A or something similar because of it being purely theoretical. I am assuming HackerOne runs an x86 system, and the INTMAX is 2,147,483,648. I know this because https://hackerone.com/reports/21474836...
SA122 : SMB Vulnerabilities in Windows and Samba (Badlock)
SUMMARY Blue Coat products that include affected versions of Microsoft Windows and Samba are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to hijack connections to view and modify traffic, obtain unauthorized access to user passwords and other...
ImPAX Agility 1.1074.RC.b122.20150602 Cross Site Scripting
ImPAX Agility Multiple Cross Site Scripting Vulnerabilities Tested versions: 1.1074.RC.b122.20150602 http://www.agfahealthcare.com/ Credits to: vesp3r / [email protected] About the Product ------------------ IMPAX Agility is designed to achieve clinical productivity and improve affordability. I...
[SECURITY] Fedora 24 Update: pulp-rpm-2.8.2-1.fc24
Provides a collection of platform plugins, client extensions and agent handlers that provide RPM support...
GetDataReport - Script to collect information to the client side
A PHP+JS script for getting information about a target through a web application; it uses $_SERVER functions and JS functions to get information about the client. Plugin WEBApps: some web applications need to collect information from the client to perform tasks; with this plugin it will be easier to work with the...
LINE Puzzle Bobble - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application LINE Puzzle Bobble published at the 'play' market has multiple vulnerabilities...
New Relic: Open redirection bypass
Hello, 123172 is fixed, even I found another bypass of the open redirection protection at this endpoint. First get logged in and then open the following URL: https://login.newrelic.com/login?returnto=///attacker.com You will be redirected to http://attacker.com Best regards, Shailesh...
FBI Cracks the iPhone, Scourge of Ransomware Hits Hospitals, and the Hack the Pentagon Program
Mike Mimoso and Chris Brook recap the week in news, including how the FBI cracked that iPhone, the barrage of ransomware hitting hospitals, and the Hack the Pentagon bug bounty trial program announcement. Download: ThreatpostNewsWrap-April12016.mp3 Music by Chris Gonsalves...
Christmas Tale - WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Christmas Tale published at the 'play' market has multiple vulnerabilities...
Bubble Pop Multiplication Free - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities
HackApp vulnerability scanner discovered that application Bubble Pop Multiplication Free published at the 'play' market has multiple vulnerabilities...
Fun Kid Racing - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Fun Kid Racing published at the 'play' market has multiple vulnerabilities...
Slice Words - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Slice Words published at the 'play' market has multiple vulnerabilities...
Room Escape 3 - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Room Escape 3 published at the 'play' market has multiple vulnerabilities...
Celebrity Quiz: Guess Stars - Dynamic Code Loading, External URLs, Native code usage vulnerabilities
HackApp vulnerability scanner discovered that application Celebrity Quiz: Guess Stars published at the 'play' market has multiple vulnerabilities...
Alliance Wars- Global Invasion - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Alliance Wars- Global Invasion published at the 'play' market has multiple vulnerabilities...
Stunt Bike 3D Free - Dynamic Code Loading, External URLs, Native code usage vulnerabilities
HackApp vulnerability scanner discovered that application Stunt Bike 3D Free published at the 'play' market has multiple vulnerabilities...