Lucene search

341 matches found

Talos Blog
added 2017/10/31 12:4 p.m., 128 views

Vulnerability Spotlight: The Circle of a Bug’s Life

Overview: Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly with your home Wi-Fi and allows you to manage every device on the networ...

CVSS 9.3, AI score 8.6, EPSS 0.06479
Exploits: 41
n0where
added 2017/08/06 5:35 p.m., 21 views

the Crypto Undertaker: Tomb

Tomb aims to be a free and open source system for easy encryption and backup of personal files, written in code that is easy to review and links shared GNU/Linux components. At present, Tomb consists of a simple shell script (Zsh) using standard filesystem tools (GNU) and the cryptographic API of the...

AI score 7.6
Exploits: 0, References: 6
RedHat Linux
added 2017/03/23 5:18 a.m., 3 views

glusterfs: glusterfs-server %pretrans rpm script temporary file issue

It was found that the glusterfs-server RPM package would write a file with a predictable name into the world readable /tmp directory. A local attacker could potentially use this flaw to escalate their privileges to root by modifying the shell script during the installation of the glusterfs-server package...

CVSS 7.8, AI score 5.7, EPSS 0.00064
Exploits: 0, References: 4
Kitploit
added 2016/12/22 2:9 p.m., 149 views

backdoor-apk - shell script that simplifies the process of adding a backdoor to any Android APK file

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and ...

AI score 7.2
Exploits: 0, References: 1
n0where
added 2016/12/19 3:11 a.m., 54 views

Backdooring Android APK: backdoor-apk

Backdooring Android APK: backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without...

Exploits: 0, References: 1
Kitploit
added 2016/08/10 4:30 a.m., 9 views

Lynis 2.3.2 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

AI score 7.2
Exploits: 0
Kitploit
added 2016/07/13 7:32 p.m., 22 views

Lynis 2.3.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

AI score 6.9
Exploits: 0
CNVD
added 2016/06/18 12:0 a.m., 1 views

IBM Personal Communications Unauthorized Access Vulnerability

IBM Personal Communications is a host communications and terminal emulation software package for Microsoft Windows from IBM (United States), which provides virtual terminal (VT) emulation, Systems Network Architecture (SNA) and other functions. An unauthorized access vulnerability exists in IBM...

CVSS 6.2, AI score 6.8, EPSS 0.00134
Exploits: 0, References: 1
n0where
added 2016/04/16 11:26 p.m., 35 views

Backdoor Android APK: backdoor-apk

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and ...

AI score 0.4
Exploits: 0, References: 1
Exploit DB
added 2016/03/31 12:0 a.m., 37 views

Apache OpenMeetings 1.9.x < 3.1.0 - '.ZIP' File Directory Traversal

Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings 1.9.x - 3.1.0 Description: The Import/Export System Backups functionality in the OpenMeetings Administration menu http://domain:5080/openmeetings/admin/backup is vulnerable to path traversal via...

AI score 7.4
Exploits: 0
seebug.org
added 2016/01/18 12:0 a.m., 438 views

Ubuntu 14.04 LTS, 15.10 overlayfs - Local Root Exploit

No description provided by source. / just another overlayfs exploit, works on kernels before 2015-12-26 Exploit Title: overlayfs local root Date: 2016-01-05 Exploit Author: rebel Version: Ubuntu 14.04 LTS, 15.10 and more Tested on: Ubuntu 14.04 LTS, 15.10 CVE : CVE-2015-8660 blah@ubuntu:$ id...

CVSS 7.2, AI score 6.6, EPSS 0.58352
Exploits: 12
seebug.org
added 2015/09/01 12:0 a.m., 28 views

OpenSSH keyboard-interactive authentication brute force vulnerability

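OpenSSH (OpenBSD Secure Shell) is a set of connection tools for secure access to remote computers, maintained by the OpenBSD project. It is an open source implementation of the SSH protocol that supports encryption of all traffic and effectively prevents eavesdropping, connection hijacking and other network-level attacks. A security vulnerability exists in the 'kbdintnextdevice' function in the auth2-chall.c file of sshd in OpenSSH 6.9 and earlier. A remote attacker can exploit it to conduct brute-force attacks, or cause a denial of service (CPU consumption), via a long and repetitive list in the ssh -oKbdInteractiveDevices option. ---snip--- diff...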

AI score 7.1
Exploits: 0
seebug.org
added 2015/08/28 12:0 a.m., 36 views

D-Link Cookie Command Execution

This module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This module has been successfully tested ...

AI score 8.2
Exploits: 0
myhack58
added 2015/08/19 12:0 a.m., 18 views

Reverse-engineering analysis of a serious WordPress 0-day exploit

Just this past weekend, I found an interesting warning in my modsecurity logs, recording a network request submitted to my WordPress site. Although this request did not succeed, I decided to study it in depth and try to figure out what this request actually was, it...

AI score 0.1
Exploits: 0
myhack58
added 2015/08/11 12:0 a.m., 27 views

Firefox file-stealing 0-day vulnerability exploited in the wild; Mozilla issues an emergency patch

On a Russian website, researchers found exploit code for a serious Firefox 0-day that can steal files from the computers of Windows and Linux users. This security event forced Mozilla to release an emergency patch. Vulnerability description: The vulnerability is caused by the...

AI score 0.1
Exploits: 0
Kitploit
added 2015/07/23 2:1 p.m., 29 views

Lynis 2.1.1 - Security Auditing Tool for Unix/Linux Systems

Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...

AI score 7.3
Exploits: 0
Packet Storm
added 2015/07/19 12:0 a.m., 47 views

OpenSSH Two Minute Cracking Window

OpenSSH has a default value of six authentication tries before it will close the connection (the ssh client allows only three password entries by default). With this vulnerability an attacker is able to request as many password prompts as desired, limited only by the “login grace time” setting, that is set to two...

AI score 0.1
Exploits: 0
Packet Storm
added 2015/07/17 12:0 a.m., 37 views

D-Link Cookie Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'D-Link Cookie Command Execution', 'Description' = %q This module exploits an anonymous remote upload and code execution vulnerabilit...

Exploits: 0
CNVD
added 2015/04/03 12:0 a.m., 1 views

Johnson Controls Metasys Unlimited File Upload Vulnerability

Johnson Controls Metasys is a building automation system from Johnson Controls. The system can be networked with weak electronic systems such as fire and security through a variety of open protocols or standard interfaces to provide system integrity for secure access. An unrestricted file upload...

CVSS 10, AI score 8, EPSS 0.0265
Exploits: 0, References: 1
ThreatPost
added 2014/12/15 11:35 a.m., 24 views

Shellshock Worm Exploits Bash in QNAP NAS Devices

A worm exploiting network attached storage devices vulnerable to the Bash flaw is scanning the Internet for more victims. The worm opens a backdoor on QNAP devices, but to date it appears the attackers are using the exploit to run a click-fraud scam, in addition to maintaining persistence on owne...

AI score 0.1
Exploits: 0, References: 6