7422 matches found
CVE-2016-0484
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps. NOTE: the previous information is from the Januar...
Network Time Protocol ntpq Special Character Filtering Vulnerability
Summary The ntpq saveconfig command does not do adequate filtering of special characters from the supplied filename. Only back slash and forward slash are currently filtered out. There are other special characters that are allowed in the filename which can cause issues during globbing. In additio...
Multi protocol Test Suite
MTS Multi protocol Test Suite is a multi protocol testing tool specially designed for telecom IP-based architectures. With MTS Multi protocol Test Suite you get the powerful tool to: Test protocols with functional and regression tests Test load endurance and stress tests Simulate all network...
Penbox - A Tool That Has All The Tools, Penetration Tester'S Repo
PenBox A Penetration Testing Framework , The Hacker's Repo our hope is in the last version we will have evry script that a hacker needs : Requirements Python 2 sudoer Versions Version v1.1 : DrupalHacking : 1: Drupal Bing Exploiter 2: Get Drupal Websites 3: Drupal Mass Exploiter PrivatTools: 1 Ge...
General Motors GM Vulnerability Disclosure Program
General Motors’ new vulnerability disclosure program puts it alongside Tesla as the only major automakers with a mechanism for security researchers to report flaws. Unlike Tesla’s program, however, GM’s does not offer a monetary reward. GM launched its program last week via the HackerOne platform...
Hackazon - A Modern Vulnerable Web App
Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and...
[SECURITY] Fedora 23 Update: jenkins-1.625.3-1.fc23
Jenkins is an award-winning, cross-platform, continuous integration and continuous delivery application that increases your productivity. Use Jenkins to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for...
HackerOne: HackerOne is still prone to Internet Explorer UXSS
Hi, I have managed to leverage CVE 2015-0072, so that the attack will work with any framed resource protected by X-Frame-Options: DENY header. According to 103787, only https://hackerone.com/cdn-cgi/trace was unprotected and now its already fixed. In my PoC I used several X-Frame-Options protecte...
InterPhoto 2.3.0 Persians Database Disclosure
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : http://0day.today 0 1 + Support e-mail :...
NASA Cross Site Scripting
Exploit Title : NASA Subdomain XSS Vulnerability Exploit Author : 4TT4CK3R Date : 2015/12/27 Tested on : Kali linux , Windows 8.1 Vendor HomePage : https://ghrc.nsstc.nasa.gov/ Google Dork : No Category : Web Application : Vulnerable Location :https://ghrc.nsstc.nasa.gov/hydro/search.pl : Using...
JexBoss - Jboss Verify And Exploitation Tool
JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server. Requirements Python = 2.7.x Installation To install the latest version of JexBoss, please use the following commands: git clone https://github.com/joaomatosf/jexboss.git cd jexboss python jexboss.py Features...
DSA-3430-1 libxml2 - security update
Bulletin has no description...
[SECURITY] Fedora 22 Update: jenkins-1.609.3-4.fc22
Jenkins is an award-winning application that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Among those things, current Jenkins focuses on the following two jobs: - building/testing software projects continuously. In a nutshell, Jenkins provides an...
[SECURITY] Fedora 22 Update: dnsperf-2.0.0.0-19.fc22
This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf1 and resperf1 man pages...
Modern Vulnerable Web App: Hackazon
Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and...
[SECURITY] Fedora 23 Update: dnsperf-2.0.0.0-19.fc23
This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf1 and resperf1 man pages...
DSA-3337-2 gdk-pixbuf - security update
Bulletin has no description...
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer Overflow E
Exploit for windows platform in category dos / poc !/usr/bin/python Title: IBM Tivoli Storage Manager FastBack Server 5.5.4.2 FXCLIGetConfFileChunk Stack Buffer Overflow Vulnerability Date: 14 December 2015 Author: Gianni Gnesa gnix Vendor Homepage: http://www.ibm.com/ Software Name: IBM Tivoli...
Yahoo mail released to fix XSS attack vulnerability-vulnerability warning-the black bar safety net
Recently, in Yahoo is also considering whether to spin-off Alibaba shares, even in consideration of the sale of Yahoo's core business, including Yahoo mail, sports, website, and advertising technology, Yahoo mail, announced currently the repair had previously been found but not released one...
Honeywell Midas gas detector is exposed to serious vulnerabilities, and then to industrial safety Alarm bell-vulnerability warning-the black bar safety net
! Well-known high-tech manufacturing company Honeywell recently released a firmware update package to fix Midas gas detector of two high-risk vulnerabilities. This is a turnover of 3 0 0 the multi-billion-dollar diversified technology and manufacturing company in the world has its business...