Firefox Send Is an Easy Way to Share Large Files Securely

Mozilla has made public an encrypted file-sharing service with a self-destruct twist...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::MeshCoP::ChannelMaskEntry::GetMask

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5629736728920064 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...

openthread/ip6-send-fuzzer: Crash in ot::Coap::CoapBase::RemoveResource

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5754140431482880 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type: UNKNOWN RE...

openthread/ip6-send-fuzzer: Bad-cast to ot::Ip6::Netif from invalid vptr in ot::Ip6::Ip6::GetNetifById

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=6252712985886720 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type: Bad-cast...

openthread/ip6-send-fuzzer: Crash in ot::Dhcp6::Dhcp6Client::ProcessNextIdentityAssociation

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5669719225401344 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type: UNKNOWN RE...

openthread/ip6-send-fuzzer: Crash in ot::Dhcp6::Dhcp6Client::UpdateAddresses

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5733232262250496 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type: UNKNOWN RE...

SSRFmap - Automatic SSRF Fuzzer And Exploitation Tool

SSRF are often used to leverage actions on other services, this framework aims to find and exploit these services easily. SSRFmap takes a Burp request file as input and a parameter to fuzz. Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform...

OpenSSH 7.6p1 SCP Client - Multiple Vulnerabilities (SSHtranger Things) Exploit

Exploit Title: SSHtranger Things Exploit Author: Mark E. Haase Vendor Homepage: https://www.openssh.com/ Software Link: download link if available Version: OpenSSH 7.6p1 Tested on: Ubuntu 18.04.1 LTS CVE : CVE-2019-6111, CVE-2019-6110 ''' Title: SSHtranger Things Author: Mark E. Haase Homepage:...

openthread/ip6-send-fuzzer: Index-out-of-bounds in ot::Coap::Message::ParseHeader

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5162663452082176 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type:...

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery Send SMS Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Date: 01/07/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version:...

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)

Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Date: 01/07/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version: 21.210.09.00.158 Tested on: Windows 10 x64 CVE: CVE-2014-5395 Note: The...

Huawei E5330 21.210.09.00.158 Cross Site Request Forgery

Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Date: 01/07/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version: 21.210.09.00.158 Tested on: Windows 10 x64 CVE: CVE-2014-5395 Note: The...

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS) Exploit

Exploit for hardware platform in category web applications Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version: 21.210.09.00.158 Tested on: Windo...

Fedora 28 : curl (2018-57779d51c1)

fix heap buffer overflow in SMTP send CVE-2018-0500 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2018:2423-1)

This update for curl fixes the following issues: Security issue fixed : - CVE-2018-0500: Fix a SMTP send heap buffer overflow bsc1099793. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatical...

Erlang Port Mapper Daemon Cookie RCE

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie RCE is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location. This module requires Metasploit: https://metasploit.com/download Current source...

CVE-2018-18772

CentOS-WebPanel.com aka CWP CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=sendssh, as demonstrated by executing an arbitrary OS command...

CVE-2018-18772

CentOS-WebPanel.com aka CWP CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=sendssh, as demonstrated by executing an arbitrary OS command...

CVE-2018-0682

Denbun by NEOJAPAN Inc. Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors...

Hardcoded credentials

Denbun by NEOJAPAN Inc. Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier uses hard-coded credentials, which may allow remote attackers to read/send mail or change the configuration...