Lucene search
K

7920 matches found

Kitploit
Kitploit
added 2015/07/22 8:49 p.m.23 views

Egress-Assess - Tool used to Test Egress Data Detection Capabilities

Egress-Assess is a tool used to test egress data detection capabilities. Setup To setup, run the included setup script, or perform the following: 1. Install pyftpdlib 2. Generate a server certificate and store it as "server.pem" on the same level as Egress-Assess. This can be done with the...

7.4AI score
Exploits0References1
NVD
NVD
added 2015/07/01 2:59 p.m.22 views

CVE-2015-3164

The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket...

3.6CVSS6AI score0.00393EPSS
Exploits0References4
n0where
n0where
added 2015/06/22 10:0 p.m.32 views

SQLMap Web Front End

PHP Front end to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005 SQLMap Web GUI Requirements: Linux, Apache, PHP check your favorite distro’s wiki or forum pages, or use google PH...

0.8AI score
Exploits0References2
CNVD
CNVD
added 2015/06/18 12:0 a.m.4 views

hostapd and wpa_supplicant denial of service vulnerabilities (CNVD-2015-03932)

hostapd is a daemon that implements a wireless access point AP and authentication server. wpasupplicant is a daemon that runs in the background, developed by software developer Jouni Malinen and other contributors, and is primarily used to support the WEP, WPA/WPA2 and WAPI wireless protocols and...

4.3CVSS7AI score0.0299EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/17 12:0 a.m.3 views

Cisco Nexus and MDS NX-OS Denial of Service Vulnerabilities

Cisco NX-OS on Nexus 4000 devices, etc. and MDS 9000 devices is the United States Cisco Cisco company's set of operating system running in the Nexus 4000 and other series of switch equipment and MDS 9000 series of fiber optic switch equipment. A security vulnerability exists in the implementation...

5CVSS6.8AI score0.02962EPSS
Exploits0References1
OSV
OSV
added 2015/06/15 3:59 p.m.3 views

DEBIAN-CVE-2015-4163

GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...

4.9CVSS8.1AI score0.00439EPSS
Exploits0References1
Prion
Prion
added 2015/06/12 10:59 a.m.17 views

Code injection

The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...

6.3CVSS6.8AI score0.02422EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/06/12 10:0 a.m.21 views

CVE-2015-0771

The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...

6.2AI score0.02422EPSS
Exploits0References2
OSV
OSV
added 2015/06/08 4:48 p.m.3 views

USN-2628-1 strongswan vulnerability

Alexander E. Patrakov discovered that strongSwan incorrectly handled certain IKEv2 setups. A malicious server could possibly use this issue to obtain user credentials...

2.6CVSS7.2AI score0.02028EPSS
Exploits0References2
n0where
n0where
added 2015/06/05 3:50 p.m.612 views

General Purpose Fuzzing: Honggfuzz

Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test files, Hongfuzz supplies and modifies input to a test program and utilize the ptrace API / POSIX signal interface to detect and log crashes. Features Easy setup : No complicated configuration files or setup necessary —...

6.8CVSS9.3AI score0.06287EPSS
Exploits5References6
NVD
NVD
added 2015/06/05 10:59 a.m.22 views

CVE-2015-2124

Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors...

7.2CVSS6.4AI score0.00622EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2015/06/05 10:59 a.m.3 views

CVE-2015-2124

Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors...

7.2CVSS5.5AI score0.00622EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/06/05 10:0 a.m.21 views

CVE-2015-2124

Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors...

6.4AI score0.00622EPSS
Exploits0References2
CNVD
CNVD
added 2015/06/03 12:0 a.m.4 views

ResourceSpace Native PHP File Inclusion Vulnerability

ResourceSpace is an open source digital asset management solution. ResourceSpace has a local PHP file inclusion vulnerability. Due to the "defaultlanguage" HTTP GET parameter received from the user to include PHP files using the "include" PHP function before the "/pages/setup.php" script lack of...

7.5CVSS6.8AI score0.08083EPSS
Exploits3References1
securityvulns
securityvulns
added 2015/06/01 12:0 a.m.29 views

HP Easy Setup Wizard privilege escalation

No description provided...

7.2CVSS1.5AI score0.00622EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2015/06/01 12:0 a.m.3 views

UBUNTU-CVE-2015-4141

The WPS UPnP function in hostapd, when using WPS AP, and wpasupplicant, when using WPS external registrar ER, 0.7.0 through 2.4 allows remote attackers to cause a denial of service crash via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow...

4.3CVSS7.7AI score0.0299EPSS
Exploits0References6
NVD
NVD
added 2015/05/26 3:59 p.m.18 views

CVE-2015-3902

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...

6.8CVSS7AI score0.01087EPSS
Exploits0References6
OSV
OSV
added 2015/05/26 3:59 p.m.3 views

DEBIAN-CVE-2015-3902

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...

6.8CVSS9.8AI score0.01087EPSS
Exploits0References1
OSV
OSV
added 2015/05/26 3:59 p.m.5 views

UBUNTU-CVE-2015-3902

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...

6.8CVSS7.2AI score0.01087EPSS
Exploits0References2
CVE
CVE
added 2015/05/26 3:0 p.m.84 views

CVE-2015-3902

CVE-2015-3902 is a CSRF/XSRF vulnerability in the phpMyAdmin setup process. The issue affects PHPMyAdmin releases up to 4.0.x < 4.0.10.10, 4.2.x < 4.2.13.3, 4.3.x < 4.3.13.1, and 4.4.x

6.8CVSS7AI score0.01087EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder