Lucene search
+L

2852 matches found

Packet Storm
Packet Storm
added 2015/01/27 12:0 a.m.31 views

FancyFon FAMOC 3.16.5 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-011 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date:...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/01/08 12:0 a.m.56 views

WordPress Shopping Cart 3.0.4 - Unrestricted File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Shopping Cart 3.0.4 Unrestricted File Upload Date: 29-10-2014 Software Link: https://wordpress.org/plugins/wp-easycart/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website:...

6.5CVSS0.4AI score0.51617EPSS
Exploits7
exploitpack
exploitpack
added 2015/01/05 3:26 p.m.64 views

Inmatrix-Ltd.-Zoom-Player-8.5-.jpeg

Exploit Title: Inmatrix Ltd. Zoom Player Crafted JPEG File Memory Corruption and Arbitrary Code Execution Exploit. Version: Zoom Player v8.5 Date: 09-1-2013 Author: Debasish Mandal. Blog : http://www.debasish.in/ d =...

2.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/20 12:0 a.m.97 views

Cisco ASA SSL VPN Information Disclosure (CSCuq65542)

According to its banner, the version of the Cisco ASA software on the remote device is affected by an information disclosure vulnerability in the SSL VPN feature. By requesting a specific URL, a remote attacker can exploit this vulnerability to obtain software version information which could be...

5CVSS5.5AI score0.01998EPSS
Exploits0References3
OSV
OSV
added 2014/11/14 12:53 p.m.11 views

SUSE-SU-2015:1098-1 Security update for wireshark

wireshark has been updated to version 1.10.11 to fix five security issues. These security issues have been fixed: SigComp UDVM buffer overflow CVE-2014-8710. AMQP dissector crash CVE-2014-8711. NCP dissector crashes CVE-2014-8712, CVE-2014-8713. TN5250 infinite loops CVE-2014-8714. This...

9.3CVSS6.3AI score0.60643EPSS
Exploits27References100
ICS
ICS
added 2014/10/17 6:0 a.m.32 views

Schneider Electric ClearSCADA Uncontrolled Resource Consumption Vulnerability

OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an uncontrolled resource consumption vulnerability in the Schneider Electric SCADA Expert ClearSCADA software. Schneider Electric has produced a new version that mitigates this vulnerability. Adam Crain has...

4.3CVSS7.2AI score0.01164EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.30 views

F5 Networks BIG-IP : SSL acceleration card timing vulnerability (K15500)

SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer SSL accelerator cards, might allow remote attackers to have...

5.9CVSS6.2AI score0.0162EPSS
Exploits0References2
NVD
NVD
added 2014/10/05 1:55 a.m.23 views

CVE-2014-3398

The SSL VPN implementation in Cisco Adaptive Security Appliance ASA Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542...

5CVSS6.2AI score0.01998EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/10/05 12:0 a.m.7 views

PT-2014-5288 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Description: A issue in the SSL VPN implementation allows remote attackers to obtain potentially sensitive software-version information by reading the verbose...

5CVSS6AI score0.01998EPSS
Exploits0References3
ICS
ICS
added 2014/07/24 6:0 a.m.45 views

Rockwell Automation Connected Components Workbench ActiveX Component Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on November 6, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Andrea Micalizzi working through ZDI has identified two custom ActiveX Component vulnerabilities in Rockwell...

7.5CVSS7AI score0.11EPSS
Exploits0References10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

Python Untrusted Search Path/Code Execution Vulnerability

No description provided by source. Exploit Title: Python untrusted search path/code execution vulnerability Date: 7.6.12 Exploit Author: rogueclown Vendor Homepage: http://www.python.org Software Link: http://www.python.org/getit/releases/ Version: python 2.7.2 and python 3.2.1 Tested on: linux m...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Flare <= 0.6 - Local Heap Overflow DoS

No description provided by source. Exploit Title: Flare = 0.6 local heap overflow DoS Date: 3/7/2010 Author: l3D Software Link: http://www.nowrap.de/download/flare06doswin.zip Version: 0.6 Tested on: Windows 7, Windows XP SP2 and some linux distributions Code: !/usr/bin/env python IRC:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

PlaySMS <= 0.9.5.2 - Remote File Inclusion Vulnerability

No description provided by source. ============================================================================================================= o PlaySMS = Remote File Inclusion Vulnerability Software : PlaySMS ver 0.9.5.2 Vendor : http://playsms.org/ Author : NoGe Contact :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.555 views

Oracle Forms and Reports 11.1 - Remote Exploit

No description provided by source. !/usr/bin/env ruby Exploit Title: Oracle Reports 11.1 About: Automated exploit for CVE-2012-3153/CVE-2012-3152 Google Dork: inurl:/reports/rwservlet/ Date: 01/28/2014 Exploit Author: Mekanismen [email protected] Credits to: @misssudo for initial disclosure...

6.4CVSS9.3AI score0.98695EPSS
Exploits11
0day.today
0day.today
added 2014/06/07 12:0 a.m.25 views

Sagem 2604 Password Disclosure Vulnerability

Sagem 2604 suffers from a password disclosure vulnerability. +Title: Sagem 2604 Password Discolusre vulnerability +Author: TUNISIAN CYBER +Date: 6/JUN/2014 +Type:WebApp +Risk:High +Affected Version: v2604 Hardware Version: 253251193 Software Version: 3.21a4G +Overview: Sagem modem suffers, from a...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/06/06 12:0 a.m.31 views

Sagem 2604 Password Disclosure

+Title: Sagem 2604 Password Discolusre vulnerability +Author: TUNISIAN CYBER +Date: 6/JUN/2014 +Type:WebApp +Risk:High +Affected Version: v2604 Hardware Version: 253251193 Software Version: 3.21a4G +Overview: Sagem modem suffers, from a password discolsure vulnerability. +Proof Of Concept:...

7.4AI score
Exploits0
0day.today
0day.today
added 2014/04/02 12:0 a.m.32 views

ICOMM 610 Wireless Modem - CSRF Vulnerability

Exploit for hardware platform in category web applications Exploit Title : ICOMM 610 Wireless Modem CSRF Vulnerability Google dork : N/A Date : 02/04/2014 Exploit Author : Blessen Thomas Vendor Homepage : http://www.icommtele.com/ Software Link : N/A Version : ICOMM 610 Tested on : Device softwar...

7.1AI score
Exploits0
OSV
OSV
added 2014/03/14 3:55 p.m.4 views

CVE-2014-2270

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service out-of-bounds memory access and crash via crafted offsets in the softmagic of a PE executable...

6.2AI score
Exploits0References26
seebug.org
seebug.org
added 2014/03/06 12:0 a.m.57 views

MediaWiki 'theloadFromSession'函数信息泄露漏洞

BUGTRAQ ID:65883 CVE ID:CVE-2014-2243 MediaWiki是一款Wiki程序。 MediaWiki的includes/User.php脚本'theloadFromSession'函数存在安全漏洞。远程攻击者可通过实施暴力破解攻击利用该漏洞获取会话令牌的访问权限。 0 MediaWiki Mediawiki 2.0.18 MediaWiki Mediawiki = 1.19.11 MediaWiki Mediawiki 1.20.x MediaWiki Mediawiki 1.21.x1.21.6 MediaWiki Mediawiki...

5.8CVSS0.1AI score0.01553EPSS
Exploits1
Arista
Arista
added 2014/02/14 12:0 a.m.17 views

Security Advisory 0003

Security Advisory 0003 PDF Date: 2/14/2014 Affected Software Version: EOS-4.13.0F through EOS-4.13.1F. Note: Only publicly accessible systems are vulnerable to this attack. Bug 77553: ntpd monlist vulnerability Impact: NTP provides a monitoring service that allows administrators to query an ntpd...

6.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder