4518 matches found
CVE-2017-16024
The CVE-2017-16024 entry concerns the sync-exec module, used to simulate Node.js child_process.execSync in Node versions
CloudMe Sync 1.11.0 - Buffer Overflow (SEH) (DEP Bypass)
CloudMe Sync 1.11.0 - Buffer Overflow SEH DEP Bypass Exploit: CloudMe Sync netstat -nao | find "8888" TCP 0.0.0.0:8888 0.0.0.0:0 LISTENING 2640 C:\tasklist | find "2640" CloudMe.exe 2640 Console 1 36,632 K Attacking Machine: root@kali:/Desktop python cloudme.py CloudMe Sync v1.10.9 Buffer Overflo...
CloudMe Sync < 1.11.0 - Buffer Overflow (SEH) (DEP Bypass)
Exploit: CloudMe Sync netstat -nao | find "8888" TCP 0.0.0.0:8888 0.0.0.0:0 LISTENING 2640 C:\tasklist | find "2640" CloudMe.exe 2640 Console 1 36,632 K Attacking Machine: root@kali:/Desktop python cloudme.py CloudMe Sync v1.10.9 Buffer Overflow with DEP Bypass + CloudMe Target IP 192.168.12.4...
Exploit for Improper Input Validation in Flexense Syncbreeze
Flexense HTTP Server Server-Enable web server on port. Module...
Trustjacking: iTunes’ Wi-Fi Sync Feature Vulnerable to Exploitation
By Waqas Hackers can exploit the vulnerability in iTunes' Wi-Fi Sync feature and This is a post from HackRead.com Read the original post: Trustjacking: iTunes' Wi-Fi Sync Feature Vulnerable to Exploitation...
'iTunes Wi-Fi Sync' Feature Could Let Attackers Hijack Your iPhone, iPad Remotely
Be careful while plugging your iPhone into a friend's laptop for a quick charge or sharing selected files. Researchers at Symantec have issued a security warning for iPhone and iPad users about a new attack, which they named "TrustJacking," that could allow someone you trust to remotely take...
'iTunes Wi-Fi Sync' Feature Could Let Attackers Hijack Your iPhone, iPad Remotely
Be careful while plugging your iPhone into a friend's laptop for a quick charge or sharing selected files. Researchers at Symantec have issued a security warning for iPhone and iPad users about a new attack, which they named "TrustJacking ," that could allow someone you trust to remotely take...
RSA 2018 | via iOS Trustjacking vulnerability remote penetration iPhone-vulnerability warning-the black bar safety net
! Symantec researchers found a iPhone and Mac workstation and laptop pairing vulnerability. They stated that an attacker can use this is called Trustjacking of Vulnerability, in the no information case to take over the device. Trustjacking vulnerability from iTunes comes with the“iTunes Wi-Fi...
New vulnerability: hackers can use the iTunes Wi-Fi sync feature to take over your iPhone-bug warning-the black bar safety net
United States Time 4 May 19, according to foreign media reports, Symantec researchers found that the Apple eco in a loophole, as long as the user of the iPhone with the Mac workstation or laptop pairing, the hacker could use the vulnerability Trustjacking)surreptitiously“take over”the user...
CloudMe Sync 1.11.0 Local Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0 Date: 08.03.2018 Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1110.exe Category: Local Exploit Discovery: Prasenjit Kanti Pau...
CloudMe Sync 1.11.0 - Local Buffer Overflow
CloudMe Sync 1.11.0 - Local Buffer Overflow Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0 Date: 08.03.2018 Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1110.exe Category: Local Exploit Discovery: Prasenjit Kanti Paul Web:...
CloudMe Sync 1.11.0 - Local Buffer Overflow
Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0 Date: 08.03.2018 Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1110.exe Category: Local Exploit Discovery: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Version: 1.11.0...
CloudMe Sync 1.11.0 Local Buffer Overflow
Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0 Date: 08.03.2018 Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1110.exe Category: Local Exploit Discovery: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Version: 1.11.0...
DCSYNCMonitor - Monitors For DCSYNC And DCSHADOW Attacks And Create Custom Windows Events For These Events
This tool is an application/service that can be deployed on Domain controllers to alert on Domain Controller Syncronization attempts. When an attempt is detected, the tool will write an event to the Windows Event Log. These events can be correlated in a SIEM. In addition, this tool can take a lis...
Sync Breeze Enterprise 10.4.18 - Denial of-Service (PoC)
!/usr/bin/python import socket import sys from struct import pack try: server = sys.argv1 port = 9121 size = 1000 inputBuffer = b"\x41" size header = b"\x75\x19\xba\xab" header += b"\x03\x00\x00\x00" header += b"\x00\x40\x00\x00" header += pack'I', leninputBuffer header += pack'I', leninputBuffer...
[SECURITY] Fedora 28 Update: calibre-3.19.0-1.fc28
Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...
[SECURITY] Fedora 26 Update: calibre-3.19.0-1.fc26
Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...
[SECURITY] Fedora 27 Update: calibre-3.19.0-1.fc27
Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...
CVE-2018-7886
An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload causing a buffer overflow condition. This will result in code execution, as demonstrated by a TCP...
Buffer overflow
An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload causing a buffer overflow condition. This will result in code execution, as demonstrated by a TCP...