4786 matches found
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 43 security fixes in this release, including: High CVE-2018-17480: Out of bounds write in V8 High CVE-2018-17481: Use after free in PDFium High CVE-2018-18335: Heap buffer overflow in Skia High CVE-2018-18336: Use after free in PDFium High CVE-2018-18337: Use after...
CVE-2018-3854
An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. A specially crafted sqlite3 request can cause the removal of the password protection, allowing an attacker to access and modify the data without knowin...
bro -- "Magellan" remote code execution vulnerability in bundled sqlite
Bro Network security Monitor reports: Bro 2.6.1 updates the embedded SQLite to version 3.26.0 to address the "Magellan" remote code execution vulnerability. The stock Bro configuration/scripts don't use SQLite by default, but custom user scripts/packages may...
Extract Digital Evidences From Images: Imago-Forensics
Imago is a python tool that extract digital evidences from images recursively. This tool is useful throughout a digital forensic investigation. If you need to extract digital evidences and you have a lot of images, through this tool you will be able to compare them easily. Imago allows to extract...
SSH Auditor - The Best Way To Scan For Weak Ssh Passwords On Your Network
The Best Way To Scan For Weak Ssh Passwords On Your Network Features ssh-auditor will automatically: Re-check all known hosts as new credentials are added. It will only check the new credentials. Queue a full credential scan on any new host discovered. Queue a full credential scan on any known ho...
Pacu - The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...
Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download
Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...
Automatic SQL injection and database takeover tool: sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
[SECURITY] Fedora 29 Update: roundcubemail-1.3.8-1.fc29
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 28 Update: roundcubemail-1.3.8-1.fc28
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 27 Update: roundcubemail-1.3.8-1.fc27
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Authentication flaw
The time-based one-time-password TOTP function in the application logic of the Green Electronics RainMachine Mini-8 2nd generation uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of...
SaltOS Erp Crm 3.1 r8126 - Database File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category:...
SUSE-SU-2018:3572-1 Security update for apache2-mod_nss
This update for apache2-modnss fixes the following issues: Due to the update of mozilla-nss apache2-modnss needs to be updated to change to the SQLite certificate database, which is now the default bsc1108771. Because of that this update is tagged as security, to reach customers that only install...
EulerOS Virtualization 2.5.0 : sqlite (EulerOS-SA-2018-1341)
According to the version of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereferenc...
Twitter-Intelligence - Twitter Intelligence OSINT Project Performs Tracking And Analysis Of The Twitter
A project written in Python to twitter tracking and analysis without using Twitter API. Prerequisites This project is a Python 3.x application. The package dependencies are in the file requirements.txt. Run that command to install the dependencies. pip3 install -r requirements.txt Database SQLite...
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Auhor: Gjoko 'LiquidWorm' Krstic Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13 O...
Intuit Quicken Deluxe 2018 for Mac Password Protection Authentication Bypass Vulnerability
Summary An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. A specially crafted sqlite3 request can cause the removal of the password protection, allowing an attacker to access and modify the data withou...
Updated firefox packages fix security vulnerability
Firefox 60 is now the only supported version of the ESR series and it brings a completely new browser engine, designed to take full advantage of the processing power in modern devices. Firefox also now exclusively supports extensions built using the WebExtension API. This update brings Firefox...