Lucene search
K

985 matches found

Kitploit
Kitploit
added 2014/06/11 10:9 p.m.22 views

PAExec - The Redistributable PsExec (Launch Remote Windows Apps)

PAExec lets you launch Windows programs on remote Windows computers without needing to install software on the remote computer first. For example, you could launch CMD.EXE remotely and have the equivalent of a terminal session to the remote server. PAExec is useful for doing remote installs,...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2014/02/24 6:4 p.m.14 views

TextSecure Provides Seamless Encryption for All Levels

TextSecure, the secure messaging app developed by the encrypted communication provider WhisperSystems, is no longer merely a private short messaging service SMS application. According to a blog post penned by WhisperSystems co-founder Moxie Marlinspike, TextSecure is now a private, asynchronous...

7AI score
Exploits0References5
Exploit DB
Exploit DB
added 2014/02/05 12:0 a.m.61 views

ownCloud 6.0.0a - Multiple Vulnerabilities

Exploit Title: ownCloud 6.0.0a File Deletion XSS and CSRF Protection Bypass Vendor Homepage: www.ownCloud.org OwnCloud Version: 6.0.0a Browsers tested: Iceweasel 22.0; Internet Explorer 11; Server: Debian. Default LAMP set-up. Exploit Author: James Sibley absane Blog: http://blog.noobroot.com...

5.4CVSS5.5AI score0.03148EPSS
Exploits6
Positive Technologies
Positive Technologies
added 2013/12/07 12:0 a.m.3 views

PT-2013-1067 · Debian +2 · Nbd +2

Name of the Vulnerable Software and Affected Versions: nbd versions prior to 3.5 Description: The issue concerns multiple vulnerabilities in the nbd package of the Debian GNU/Linux operating system, which can be exploited to compromise the confidentiality, integrity, and availability of protected...

9.8CVSS6.9AI score0.03675EPSS
Exploits3References31
NVD
NVD
added 2013/10/10 10:55 a.m.20 views

CVE-2013-5008

The agent and task-agent components in Symantec Management Platform 7.0 and 7.1 before 7.1 SP2 Mp1.1v7 rollup, as used in certain Altiris products, use the same registry-entry encryption key across different customers' installations, which makes it easier for local users to obtain sensitive...

4.6CVSS6.2AI score0.00216EPSS
Exploits0References2
Prion
Prion
added 2013/10/10 10:55 a.m.12 views

Code injection

The agent and task-agent components in Symantec Management Platform 7.0 and 7.1 before 7.1 SP2 Mp1.1v7 rollup, as used in certain Altiris products, use the same registry-entry encryption key across different customers' installations, which makes it easier for local users to obtain sensitive...

4.6CVSS6.8AI score0.00216EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2013/06/11 1:15 p.m.12 views

Cleartext Credential Found in ICS Device Firmware

Industrial control systems are rife with security issues, not the least of which is the use of hard-coded credentials. In order to minimize downtime, developers and administrators build in passwords to expedite remote troubleshooting in the event of a system crash or failure. Problems arise when ...

0.5AI score
Exploits0References2
Packet Storm
Packet Storm
added 2013/06/07 12:0 a.m.29 views

ZPanel 10.0.0.2 Remote Command Execution

One of our expert team members [email protected] who is assigned to do the security audit of ZPanel code has found the follwoing security vulnerability with ZPanel 10.0.0.2 which will allow anyone to escalate the root accress and access the server by anyone. The security audit states the...

Exploits0
myhack58
myhack58
added 2013/04/26 12:0 a.m.12 views

j2ee external parameters of the reference implementation, The steering functions caused by the security Directory Access bypass security issue-vulnerability warning-the black bar safety net

j2ee external parameter references a URL for steering forward function to cause the security Directory Access bypass security issues with! //Recently issued a vulnerability, let me produce one doubts. Today just to achieve a bit of URL jump, find the problem cause is actually very simple. First...

Exploits0
NVD
NVD
added 2013/03/21 2:55 p.m.17 views

CVE-2011-4515

Siemens WinCC TIA Portal 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging 1 physical access or 2 Sm@rt Server access...

4.6CVSS5.6AI score0.00381EPSS
Exploits0References2
Prion
Prion
added 2013/03/21 2:55 p.m.11 views

Design/Logic Flaw

Siemens WinCC TIA Portal 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging 1 physical access or 2 Sm@rt Server access...

4.6CVSS6.1AI score0.00381EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2013/03/21 2:0 p.m.25 views

CVE-2011-4515

Siemens WinCC TIA Portal 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging 1 physical access or 2 Sm@rt Server access...

5.6AI score0.00381EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2013/03/12 12:0 a.m.3 views

Microsoft SharePoint Directory Traversal (MS13-024; CVE-2013-0084)

An elevation of privilege exists in Microsoft SharePoint Server. The vulnerability is due to an error in the way Microsoft SharePoint handles specially crafted URLs. A remote attacker may exploit this issue by enticing a target user to open a specially crafted web page. An attacker who successful...

7.5CVSS6AI score0.2135EPSS
Exploits0
The Hacker News
The Hacker News
added 2013/03/05 6:39 p.m.7 views

Unofficial Pakistan Intelligence website hacked

While the rest of the world engaged in cyber security conferences and Anonymous operations, an Indian patriotic hacker used the time to attack Unofficial Pakistan Intelligence agency ISI. Hacker going by name "Godzilla" today claimed to hack into one of the server belongs to ISI website...

6.6AI score
Exploits0
NVD
NVD
added 2013/02/21 4:35 a.m.20 views

CVE-2013-0472

The Web GUI in the client in IBM Tivoli Storage Manager TSM 6.3 before 6.3.1.0 and 6.4 before 6.4.0.1 allows man-in-the-middle attackers to obtain unspecified client access, and consequently obtain unspecified server access, via unknown vectors...

5.1CVSS6.1AI score0.00989EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2013/02/19 6:49 p.m.12 views

BlackBerry Vulnerability Could Allow Access to Enterprise Server

A vulnerability exists in some components of BlackBerry mobile devices that could grant attackers access to instances of the company’s Enterprise Server BES, according to Research in Motion RIM, which issued an alert and released a patch for the vulnerability last week via its Knowledge Base...

2.5AI score
Exploits0References4
Metasploit
Metasploit
added 2012/12/06 9:30 p.m.97 views

SVN wc.db Scanner

Scan for servers that allow access to the SVN wc.db file. Based on the work by Tim Meddin. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SVN wc.db Scanner', 'Description' = %q Scan for server...

7AI score
Exploits0
securityvulns
securityvulns
added 2012/10/30 12:0 a.m.31 views

EMC Avamar Client for VMware weak encryption

Server access password is stored locally in cleartext...

3.3CVSS2.4AI score0.00618EPSS
Exploits1References1Affected Software1
myhack58
myhack58
added 2012/10/28 12:0 a.m.30 views

nginx+cgi to parse php is prone to a vulnerability-vulnerability warning-the black bar safety net

The title is a bit large, when we analyze carefully after, in fact, are generally configuration issues. If someone wants to attack the server, it will scan the machine where there is vulnerability can upload a malicious script file, the upload script is the first step, When a malicious php script...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/10/26 6:37 p.m.7 views

Hacker leaks source code of NASA website belongs to US Government computer

A Hacker going by name - "LegitHacker97" claiming that he successfully access a NASA subdomain website , that actually belongs to a US Government computer, as mentioned on homepage. WARNING This is a US Government computer Hacker also dump a 82.51 MB compressed or 337 MB uncompressed Archive five...

6.9AI score
Exploits0
Rows per page
Query Builder