10-Strike Network Inventory Explorer 8.54 - Registration Key Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow SEH Exploit Author: Hashim Jawad - ihack4falafelx Vendor Homepage: https://www.10-strike.com/ Vulnerable Software:...

10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH)

Exploit Title : 10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad - ihack4falafel Vendor Homepage : https://www.10-strike.com/ Vulnerable Software: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Tested on : Windows ...

10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow SEH Exploit Author: Hashim Jawad - ihack4falafelx Date: 2018-06-05 Vendor Homepage: https://www.10-strike.com/ Vulnerable Software:...

10-Strike Network Inventory Explorer Standard 8.54 Buffer Overflow

!/usr/bin/python ---------------------------------------------------------------------------------------------------------- Exploit Title : 10-Strike Network Inventory Explorer Standard v8.54 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad - @ihack4falafel Vendor Homepage :...

CVE-2016-10695

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

Remote code execution

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

CVE-2016-10695

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

CVE-2016-10695

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

CVE-2016-10695

CVE-2016-10695 affects npm-test-sqlite3-trunk; its root cause is downloading binary resources over HTTP, enabling MITM interception and replacement with attacker-controlled binaries, potentially leading to remote code execution. Multiple connected sources confirm the risk and note no patch is ava...

openSUSE Security Update : pdns (openSUSE-2018-532)

This update for pdns fixes the following issues : Security issues fixed : - CVE-2018-1046: Fix an issue with replaying a specially crafted PCAP file that can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution bsc1092540. %NASLMINLEVEL 70300 C Tenabl...

Updated sqlite3 packages fix security vulnerability

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c CVE-2018-8740...

MGASA-2018-0181 Updated sqlite3 packages fix security vulnerability

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c CVE-2018-8740...

Fuzzing and Data Manipulation Framework: Fuddly

Among the variety of complementary approaches used in the security evaluation of a target e.g. , software, an embedded equipment, etc. , fuzz testing—abbreviated fuzzing —is widely recognized as an effective means to help discovering security weaknesses in a target. Fuzzing is a software testing...

Debian: Security Advisory (DLA-1018-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AndroTickler - Penetration Testing and Auditing Toolkit for Android Apps

A java tool that helps to pentest Android apps faster, more easily and more efficiently. AndroTickler offers many features of information gathering, static and dynamic checks that cover most of the aspects of Android apps pentesting. It also offers several features that pentesters need during the...

Emby MediaServer 3.2.5 Directory Traversal File Disclosure Vulnerability

Summary Emby formerly Media Browser is a media server designed to organize, play, and stream audio and video to a variety of devices. Emby is open-source, and uses a client-server model. Two comparable media servers are Plex and Windows Media Center. Description The vulnerability was confirmed on...

GHSA-6X46-7RRV-M4H8 sqlite3-ruby uses weak permissions for unspecified files, which allows local users to gain privileges

The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...

sqlite3-ruby uses weak permissions for unspecified files, which allows local users to gain privileges

The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...

SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2017:2202-1)

This update for freeradius-server fixes the following issues : - update to 3.0.15 bsc1049086 - Bind the lifetime of program name and python path to the module - CVE-2017-10978: FR-GV-201: Check input / output length in makesecret bsc1049086 - CVE-2017-10983: FR-GV-206: Fix read overflow when...

FreeBSD : sqlite3 -- heap-buffer overflow (9245681c-7c3c-11e7-b5af-a4badb2f4699)

Google reports : A heap-buffer overflow sometimes a crash can arise when running a SQL request on malformed sqlite3 databases. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...