5333 matches found
Default credentials
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response...
CVE-2017-9557
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response...
CVE-2017-9557
CVE-2017-9557 affects EFS Software Easy Chat Server (versions 2.0–3.1). The issue allows remote attackers to obtain user passwords by sending a crafted request containing the username parameter together with an empty password parameter, then reading the HTML source of the response. This is a info...
Car Backdoor Maker: CBM
Car Backdoor Maker For the first time, a hardware backdoor tool is presented having several advanced features, such as: remote control via SMS commands, automated launch of attack payloads at a GPS location or when a specific car status is reached; and a configuration interface that allows users ...
Visual Studio Security Extension: Puma Scan
Visual Studio Security Extension Puma Scan is the leading software security Visual Studio analyzer extension. Built on top of Roslyn, the open-source .NET Compiler Platform, Puma Scan provides real time, continuous source code analysis as development teams write code. Vulnerabilities are...
Null pointer dereference
The lexerprocesscharliteral function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via malformed JavaScript source code, related to...
CVE-2017-9250
The lexerprocesscharliteral function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via malformed JavaScript source code, related to...
CVE-2017-9250
The lexerprocesscharliteral function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via malformed JavaScript source code, related to...
WordPress All In One Schema.org Rich Snippets 1.4.1 XSS
DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory ID: DC-2017-01-002 Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Softwar...
Snapchat: Open prod Jenkins instance
@prebenve found a Jenkins instance where they could login with any valid Google account. Once logged in, they gained access to sensitive API tokens. The access also included some source code disclosure for public apps and the ability to execute arbitrary code via the Jenkins Script Console...
SSH MITM Tool
SSH MITM Tool This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the...
Dell SonicWALL Secure Remote Access viewcert RCE
Remote command execution vulnerability in Dell SonicWALL Secure Remote Access /cgi-bin/viewcert Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
Huiwen opac of the library back door leads to the source of the leak
0x00 description Hui Wen libsys library opac system is a colleges and universities to use more of the system, the user has Xiamen University, Nanjing University, Dalian Polytechnic University, Nankai University and many other schools. The system used is Oracle + the php, not from public contact t...
Android Security Bulletin—May 2017Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air OTA update. The Google device firmware images have also been released to the Google Developer...
Based on jemalloc Android exploit skills----CENSUS-bug warning-the black bar safety net
Background description jemalloc-related research argp and huku in 2012 in Phrack published on: jemalloc memory allocator a separate use of themade-based on FreeBSD libc POC. argp and huku in 2012 BlackHat published: in Firefo play bad jemalloc metadata. argp in 2015 INFILTRATE on jemalloc exploit...
WikiLeaks Reveals CIA Tool 'Scribbles' For Document Tracking
Update WikiLeaks released details on what it said is a Central Intelligence Agency document tracking program called Scribbles, part of the agency’s effort to keep tabs on documents leaked to whistleblowers and journalists. Scribbles allegedly embeds a web beacon-style tag into watermarks located ...
Source Code for CIA’s Tool to Track Whistleblowers Leaked by Wikileaks
Wikileaks has just published a new batch of the Vault 7 leak, exposing the documentation and source code for a CIA project known as "Scribbles." Scribbles, a.k.a. the "Snowden Stopper," is a piece of software allegedly designed to embed 'web beacon' tags into confidential documents, allowing the...
Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation
Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1079 Windows: Runtime Broker ClipboardBroker EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: The Runtime...
Internet Bug Bounty: Mercurial can be tricked into granting authorized users access to the Python debugger
I reported this bug privately to Mercurial and they produced an out of band release to fix the bug here: https://www.mercurial-scm.org/wiki/WhatsNewMercurial4.1.3.282017-4-18.29 I produced a very detailed proof of concept with a Metasploit exploit module, which can be seen publicly here:...
Phpcms v9 vulnerability analysis-vulnerability warning-the black bar safety net
Recent study the source code and audit-related knowledge, will be grabbed before open source CMS vulnerability research, yesterday accidentally saw this PHPCMS vulnerability, you are ready to Analysis a lot, originally wanted to directly from the source code static analysis, but found itself on t...