7417 matches found
Design/Logic Flaw
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2019-2557
CVE-2019-2557 affects the Oracle Application Testing Suite (OATS) Load Testing for Web Apps, specifically version 13.3.0.1. The Red Hat/Oracle records describe a post-auth vulnerability in the DownloadServlet used to serve templates (mapped at /download). An authenticated (post-auth) attacker can...
CVE-2019-2557
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2019-2557
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
Oracle Application Testing Suite DownloadServlet Directory Traversal Remote Code Execution
Oracle Application Testing Suite versions 13.3.0.1 and prior are vulnerable to a directory traversal attack. An attacker could leverage this to steal sensitive credentials, decrypt them, gain privileges, and get remote code execution. Recent assessments: wchen-r7 at May 09, 2019 5:57pm UTC...
Anevicon - A High-Performant UDP-based Load Generator
A high-performant traffic generator, designed to be as convenient and reliable as it is possible. It sends numerous UDP-packets to a server, thereby simulating an activity that can be produced by your end users or a group of hackers. Installation From package registry This command will download t...
Google Makes it Tough for Rogue App Developers Get Back on Android Play Store
Even after Google's security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store. Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers' existin...
Linux/x86 - MMX-PUNPCKLBW Encoder Shellcode (61 bytes)
INTRO Exploit Title: MMX-PUNPCKLBW Encoder Description: Payload encoder using MMX PUNPCKLBW instruction Date: 13/04/2019 Exploit Author: Petr Javorik Tested on: Linux ubuntu 3.13.0-32-generic x86 Shellcode length: 61 ENCODER !/usr/bin/env python stack execve SHELLCODE = bytearray...
GodOfWar - Malicious Java WAR Builder With Built-In Payloads
A command-line tool to generate war payloads for penetration testing / red teaming purposes, written in ruby. Features Preexisting payloads. try -l/--list cmdget filebrowser bindshell reverseshell reverseshellui Configurable backdoor. try --host/-port Control over payload name. To avoid malicious...
The vulnerability of the Kernel Mode Driver component of the Intel Graphics Driver allows a hacker to trigger a service failure.
The vulnerability of the Kernel Mode Driver component in Intel Graphics Drivers exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause system failures...
The vulnerability of the Kernel Mode Driver component in Intel Graphics Drivers allows attackers to compromise the confidentiality of protected information.
The vulnerability of the Kernel Mode Driver component in Intel Graphics Drivers exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to compromise the confidentiality of protected information...
The vulnerability of the Kernel Mode Driver component of the Intel Graphics Driver allows a hacker to trigger a service failure.
The vulnerability of the Kernel Mode Driver component in Intel Graphics Drivers exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Intel Graphics Driver lies in its insufficient validation of input data, which allows attackers to trigger a service failure.
The vulnerability of the User Mode Driver component of Intel Graphics Drivers exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause a system failure...
Chkdfront - Check Domain Fronting
chkdfront checks if your domain fronting is working by testing the targeted domain fronted domain against your domain front domain. Features Checking your domain fronted against the domain front. Searching an expected string in the response to indicate success. Showing troubleshooting suggestions...
Grasp the window of opportunity: see how do I get Chrome 1-day vulnerabilities and achieve the use-vulnerability warning-the black bar safety net
Overview For Chrome to say, when the discovery of a vulnerability, the first in the v8 source tree to be repaired, and then re-release a new stable version of Chrome, and in both during the process, the attacker can completely for a particular vulnerability, the development of a usable exploit...
MikroTik RouterOS Directory Traversal Vulnerability
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A directory traversal vulnerability in MikroTik RouterOS Stable 6.43.12 and earlier, Long-term 6.42.12 and earlier...
CVE-2019-0034
CVE-2019-0034 is rejected/not used; the entry was withdrawn and does not represent a vulnerability.
mXtract v1.2 - Memory Extractor & Analyzer
mXtract is an opensource linux based tool that analyzes and dumps memory. It is developed as an offensive pentration testing tool, its primary purpose is to scan memory for private keys, ips, and passwords using regexes. Remember, your results are only as good as your regexes. Screenshots Scan wi...
DefectDojo v1.5.4 - Application Vulnerability Correlation And Security Orchestration Application
DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one...
AIDA64 Extreme 5.99.4900 - Logging SEH Buffer Overflow
AIDA64 Extreme 5.99.4900 - Logging SEH Buffer Overflow !/usr/bin/python Exploit Title: AIDA64 Extreme 5.99.4900 - Logging SEH Buffer Overflow Date: 2019-04-02 Vendor Homepage: https://www.aida64.com Software Link: http://download.aida64.com/aida64extreme599.exe Mirror Link :...