50 matches found
CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]
The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...
predictionsource.com XSS vulnerability
Open Bug Bounty ID: OBB-550164 | Affected Website: predictionsource.com | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: 6.1...
Overview of rapid cyberattacks
Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attack...
5iyaya.com XSS vulnerability
Open Bug Bounty ID: OBB-470127 | Affected Website: 5iyaya.com | Vulnerable Application: Custom Code | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) | Remediation Guide: OWASP XSS Prevention Cheat Sheet...
AirStar Airbnb Clone Script 1.0 - SQL Injection
Exploit Title: AirStar Airbnb Clone Script v1.0 - SQL Injection Date: 2017-09-11 Exploit Author: 8bitsec Vendor Homepage: https://www.abservetech.com/ Software Link: https://www.abservetech.com/airstar-airbnb-clone/ Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6...
Technical Notes - OpenShift Enterprise 2 Technical Notes
No description provided...
NIST Releases New Digital Identity Guidelines
The National Institute of Standards and Technology (NIST) has released the Digital Identity Guidelines document suite. The four-volume suite offers technical guidelines for organizations that use digital identity services. US-CERT encourages information security practitioners in industry, governmen...
5.6 Technical Notes - Red Hat Enterprise Linux 5 5.6 Technical Notes
No description provided...
history.rzd.ru XSS vulnerability
Open Bug Bounty ID: OBB-211874 | Affected Website: history.rzd.ru | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: 6.1...
CVE-2017-3419
Oracle E-Business Suite CVE-2017-3419 affects the Oracle CRM Technical Foundation component (User Interface) with the 12.1.3 release. The vulnerability allows an unauthenticated attacker, over HTTP, to access and potentially modify Oracle CRM data after social interaction, as described by the CVS...
Internet Bug Bounty: Crash (DoS) when parsing a hostile TIFF
The issue was reported and resolved by PHP's security team: Ticket 73737: https://bugs.php.net/bug.php?id=73737 Git Commit: http://git.php.net/?p=php-src.git;a=commit;h=1cda0d7c2ffb62d8331c64e703131d9cabdc03ea The EXIF module in all PHP versions 5.6.9 and below, 7.1.0 and below is vulnerable to a...
Cyber Swiss Army Knife: CyberChef
Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include creating hexdumps, simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, data compression and...
KLA10851 Denial of service vulnerabilities in Wireshark
Multiple different vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed packet or file. Technical details WBXML dissector epan/dissectors/packet-wbxml.c...
6.6 Technical Notes
No description provided...
Oracle E-Business Suite - Cross-site Scripting vulnerability
Application: E-Business Suite Vendor URL: Oracle Bugs: Cross-site Scripting Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: Cross-site...
phpBugTracker 1.6.0 CSRF / XSS / SQL Injection
Advisory: Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities in phpBugTracker v.1.6.0 Advisory ID: SROEADV-2015-16 Author: Steffen Rösemann Affected Software: phpBugTracker v.1.6.0 Vendor URL: https://github.com/a-v-k/phpBugTracker Vendor Status: patched CVE-ID: will asked to be...
(RHSA-2014:0831) Low: Red Hat Developer Toolset Version 1 Retirement Notice
In accordance with the Red Hat Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent...
Websense Proxy Filter Bypass
Websense Proxy Filter Bypass 1. Advisory Information Date published: 2012-11-25 Vendors contacted: Websense Release mode: Coordinated release Vendor was notified 2. Vulnerability Information Class: Filter Bypass Remotely Exploitable: Yes 3. Software Description Internet access management system...
[Suspected Spam] Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities
Title: Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities Date: 2012-05-14 References: http://www.vulnerability-lab.com/getcontent.php?id=515 VL-ID: 515 Common Vulnerability Scoring System: 8.5 Introduction: ...
Symantec releases patch to address pcAnywhere source code exposure
Symantec releases patch to address pcAnywhere source code exposure Anonymous activists have released source code for PCAnywhere onto the internet, hours after a hacker's negotiations for payment from Symantec broke down. Symantec code exposure turns up danger to pcAnywhere customers. Symantec has...