
7921 matches found

CNVD
added 2016/06/24 12:0 a.m. | 3 views

phpMyAdmin Full Path Disclosure Vulnerability

phpMyAdmin is an online management tool for MySQL databases. In phpMyAdmin versions 4.4.x, 4.6.x and 4.0.x, ./setup/ and ./examples/ are vulnerable to a full path disclosure vulnerability, which can be exploited by an attacker with a constructed script that triggers a PHP error message t...

CVSS 5.3 | AI score 9.3 | EPSS 0.02616
Exploits: 0 | References: 1
phpMyAdmin
added 2016/06/23 12:0 a.m. | 31 views

Multiple full path disclosure vulnerabilities

Announcement-ID: PMASA-2016-23. Date: 2016-06-23. Summary: Multiple full path disclosure vulnerabilities. Description: This PMASA contains information on multiple full-path disclosure vulnerabilities reported in phpMyAdmin. By specially crafting requests in the following areas, it is...

CVSS 5.3 | AI score 6.6 | EPSS 0.02616
Exploits: 0 | Affected Software: 1
Japan Vulnerability Notes
added 2016/06/22 5:57 a.m. | 2 views

CG-WLR300GNV Series does not limit authentication attempts

Overview: CG-WLR300GNV and CG-WLR300GNV-W provided by Corega Inc are wireless LAN routers. The WPS functionality in CG-WLR300GNV Series does not limit PIN authentication attempts, making it susceptible to brute force attacks. Takeshi Okamoto of Kanagawa Institute of Technology and Takaaki Minegish...

CVSS 5.3 | AI score 7.1 | EPSS 0.01385
Exploits: 0 | References: 5
OSV
added 2016/06/20 1:59 a.m. | 4 views

ALPINE-CVE-2016-2178

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...

CVSS 5.5 | AI score 8.4 | EPSS 0.01174
Exploits: 1 | References: 1
n0where
added 2016/06/15 6:17 p.m. | 14 views

Phishing Template Generation Made Easy: SimplyTemplate

Phishing Template Generation Made Easy. The goal of this project was to hopefully speed up Phishing Template Gen as well as an easy way to ensure accuracy of your templates. All templates will provide you with a small meta tag. This tag will help you quickly identify the capabilities of the modul...

AI score 6.9
Exploits: 0 | References: 1
The Hacker Blog
added 2016/05/30 6:19 a.m. | 19 views

XSS Hunter is Now Open Source – Here’s How to Set It Up!

Recently I opened up XSS Hunter for public registration, this was after publishing a post on how I used XSS Hunter to hack GoDaddy via blind XSS and pointed out that many penetration testers use a very limited alert box-based pentesting methodology which will not detect these types of issues. Aft...

AI score 6.7
Exploits: 0
OSV
added 2016/05/30 12:0 a.m. | 3 views

UBUNTU-CVE-2016-4952

QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command...

CVSS 6 | AI score 6.9 | EPSS 0.00372
Exploits: 0 | References: 4
Tenable Nessus
added 2016/05/27 12:0 a.m. | 35 views

Apple iTunes < 12.4 DLL Injection Arbitrary Code Execution (uncredentialed check)

The version of Apple iTunes running on the remote Windows host is prior to 12.4. It is, therefore, affected by a DLL (Dynamic Link Library) injection vulnerability in the setup component that is triggered when running the installer from an untrusted directory. An attacker can exploit this...

CVSS 7.8 | AI score 7.6 | EPSS 0.00424
Exploits: 0 | References: 3
Oracle Linux
added 2016/05/12 12:0 a.m. | 77 views

kernel security and bug fix update

3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...

CVSS 7.2 | AI score 0.4 | EPSS 0.00397
Exploits: 0
Packet Storm
added 2016/05/11 12:0 a.m. | 66 views

Android Broadcom Wi-Fi Driver Memory Corruption

Copyright (C) 2016 by AbdSec Core Team. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is...

CVSS 8.3 | AI score 0.5 | EPSS 0.33367
Exploits: 4
Exploit DB
added 2016/05/11 12:0 a.m. | 85 views

Google Android Broadcom Wi-Fi Driver - Memory Corruption

Copyright (C) 2016 by AbdSec Core Team. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is...

CVSS 9.8 | AI score 7.5 | EPSS 0.33367
Exploits: 4
OSV
added 2016/05/09 12:0 a.m. | 5 views

UBUNTU-CVE-2016-4476

hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation...

CVSS 7.5 | AI score 6.9 | EPSS 0.02858
Exploits: 0 | References: 5
Citrix
added 2016/04/27 12:0 a.m. | 6 views

How to suppress the Add Account window in Citrix Receiver 4.4 or earlier for Windows

This article describes how to suppress the Add Account window in Citrix Receiver for Windows. Note: This article is applicable for Receiver 4.4 and earlier. For Receiver for Windows 4.4.1000, Receiver 4.5 and later, refer to CTX135438 - How to Suppress the Add Account Window in Citrix Receiver for...

AI score 7
Exploits: 0
Kitploit
added 2016/04/22 9:1 p.m. | 239 views

Htcap - web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes

htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused mainly on the crawling process and uses external tools to discover vulnerabilities. It'...

AI score 7.9
Exploits: 0 | References: 2
OSV
added 2016/04/18 12:59 a.m. | 4 views

CVE-2016-2421

Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410...

CVSS 6.1 | AI score 7.3 | EPSS 0.00168
Exploits: 0 | References: 1
NVD
added 2016/04/18 12:59 a.m. | 21 views

CVE-2016-2421

Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410...

CVSS 6.6 | AI score 6.1 | EPSS 0.00168
Exploits: 0 | References: 1
Prion
added 2016/04/18 12:59 a.m. | 21 views

Design/Logic Flaw

Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410...

CVSS 6.6 | AI score 7 | EPSS 0.00168
Exploits: 0 | References: 1 | Affected Software: 1
UbuntuCve
added 2016/04/18 12:59 a.m. | 25 views

CVE-2016-2421

Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410...

CVSS 6.6 | AI score 6.7 | EPSS 0.00168
Exploits: 0 | References: 2
OSV
added 2016/04/18 12:59 a.m. | 2 views

UBUNTU-CVE-2016-2421

Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410...

CVSS 6.1 | AI score 6.7 | EPSS 0.00168
Exploits: 0 | References: 3
Cvelist
added 2016/04/18 12:0 a.m. | 26 views

CVE-2016-2421

Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410...

AI score 6.2 | EPSS 0.00168
Exploits: 0 | References: 1