Lucene search
+L

461 matches found

Information Security Automation
Information Security Automation
added 2023/04/23 11:11 p.m.62 views

Vulristics News: EPSS v3 Support, Integration into Cloud Advisor

Vulristics News: EPSS v3 Support, Integration into Cloud Advisor. Hello everyone! This episode will focus on the news from my open source Vulristics project for vulnerability analysis and prioritization. Alternative video link for Russia: https://vk.com/video-149273431456239122 EPSS v3 The third...

9.8CVSS9.7AI score0.95845EPSS
Exploits34
Circl
Circl
added 2023/04/13 6:2 p.m.14 views

CVE-2023-23422

creationtimestamp| type| source ---|---|--- 2023-04-13 18:02:40+00:00| published-proof-of-concept| Telegram/gyCoGHimPrHuJIO4PODdzGa-SbQUX3r8l5z0rakuXLR 2023-04-18 07:16:18+00:00| published-proof-of-concept| https://t.me/RespaldoHackingTeam/1337 2023-04-18 12:11:38+00:00| seen|...

7.8CVSS7.9AI score0.00596EPSS
Exploits0References3
Kitploit
Kitploit
added 2023/04/12 12:30 p.m.48 views

QuadraInspect - Android Framework That Integrates AndroPass, APKUtil, And MobFS, Providing A Powerful Tool For Analyzing The Security Of Android Applications

The security of mobile devices has become a critical concern due to the increasing amount of sensitive data being stored on them. With the rise of Android OS as the most popular mobile platform, the need for effective tools to assess its security has also increased. In response to this need, a ne...

7.5AI score
Exploits0References3
Talos Blog
Talos Blog
added 2023/04/07 7:37 p.m.21 views

Threat Roundup for March 31 to April 7

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between March 31 and April 7. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

6.7AI score
Exploits0
GithubExploit
GithubExploit
added 2023/03/26 1:58 p.m.444 views

Exploit for Improper Access Control in Joomla Joomla\!

Joomla! information disclosure - CVE-2023-23752 exploit Explo...

5.3CVSS5.8AI score0.99827EPSS
Exploits43
Kitploit
Kitploit
added 2023/03/16 11:30 a.m.164 views

GPT_Vuln-analyzer - Uses ChatGPT API And Python-Nmap Module To Use The GPT3 Model To Create Vulnerability Reports Based On Nmap Scan Data

This is a Proof Of Concept application that demostrates how AI can be used to generate accurate results for vulnerability analysis and also allows further utilization of the already super useful ChatGPT. Requirements Python 3.10 All the packages mentioned in the requirements.txt file OpenAi api...

7.3AI score
Exploits0References1
GithubExploit
GithubExploit
added 2023/03/15 10:59 a.m.150 views

Exploit for CVE-2022-30136

CVE-2022-30136 Windows Network File System Remote exploit PoC...

10CVSS6.9AI score0.74677EPSS
Exploits3
0day.today
0day.today
added 2023/03/15 12:0 a.m.360 views

WordPress Profile Builder 3.9.0 Missing Authorization Vulnerability

WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppbtoolboxusermetahandler. Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given...

6.5CVSS6.9AI score0.00769EPSS
Exploits2
Information Security Automation
Information Security Automation
added 2023/02/26 4:37 p.m.98 views

Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2023, including vulnerabilities that were added between January and February Patch Tuesdays. Alternative video link for Russia: This month I decided to change the format a bit. Now I share my impression of Microsoft...

7.5CVSS8.9AI score0.82302EPSS
Exploits18
Circl
Circl
added 2023/02/08 10:25 p.m.9 views

CVE-2023-0217

creationtimestamp| type| source ---|---|--- 2023-02-08 22:25:20+00:00| seen| https://t.me/cibsecurity/57791 2023-02-10 14:55:06+00:00| seen| https://t.me/truesecator/4053 2025-03-06 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-065-01...

7.5CVSS7.4AI score0.01846EPSS
Exploits0References3
Code423n4
Code423n4
added 2023/01/22 12:0 a.m.10 views

Exploring the Vulnerabilities of Seaport: A Technical Analysis of a Fake Signature Attack on Non-Fungible Tokens

Lines of code Vulnerability details Impact This finding aims to provide a comprehensive analysis of the sc4m trend, which emerged in August 2022, and has since been a prevalent issue in the WEB3 space. Despite efforts to combat this phenomenon, bad actors continue to engage in illicit activities,...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/12/10 7:28 p.m.7 views

Exploit for Use of Hard-coded Cryptographic Key in Apache Aurora

This repository is an open-source project called "Attack-Defense ThinkTank" openKylin, which is a community-driven platform for sharing knowledge and research on attack and defense techniques. The project is hosted on Gitee, a Chinese version of GitHub. The repository contains various articles an...

9.8CVSS6.6AI score0.92988EPSS
Exploits9
Kitploit
Kitploit
added 2022/09/18 11:30 a.m.44 views

FISSURE - Frequency Independent SDR-based Signal Understanding and Reverse Engineering

Frequency Independent SDR-based Signal Understanding and Reverse Engineering FISSURE is an open-source RF and reverse engineering framework designed for all skill levels with hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability...

7.5AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/09/06 12:0 a.m.5 views

PT-2022-16417 · Unknown · Dlpfde.Sys

Name of the Vulnerable Software and Affected Versions: dlpfde.sys affected versions not specified Description: The issue enables a logged-in user to make system calls, potentially causing a kernel stack overflow. This can result in a system crash, such as a BSOD. Recommendations: At the moment,...

6.5CVSS6.2AI score0.00189EPSS
Exploits0References2
Wordfence Blog
Wordfence Blog
added 2022/08/30 9:3 p.m.24 views

WordPress Core 6.0.2 Security & Maintenance Release – What You Need to Know

On August 30, 2022, the WordPress core team released WordPress version 6.0.2, which contains patches for 3 vulnerabilities, including a High Severity SQLi vulnerability in the Links functionality as well as two Medium Severity Cross-Site Scripting vulnerabilities. These patches have been backport...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2022/07/21 12:30 p.m.54 views

RESim - Reverse Engineering Software Using A Full System Simulator

Reverse engineering using a full system simulator. Dynamic analysis by instrumenting simulated hardware using Simics Trace process trees, system calls and individual programs Reverse execution to selected breakpoints and events Integrated with IDA Protm debugging client Fuzz with a customized AFL...

7.9AI score
Exploits0References3
Kitploit
Kitploit
added 2022/05/14 12:30 p.m.34 views

BWASP - BoB Web Application Security Project

The BoB Web Application Security Project BWASP is an open-source, analysis tool to support for Web Vulnerability Manual Analysis hackers. The BWASP tool basically provides predicted information through vulnerability analysis without proceeding with an attack. BWASP supports performing automated...

7.6AI score
Exploits0References13
GithubExploit
GithubExploit
added 2022/04/02 3:27 a.m.1125 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

CVE-2022-1015 This repository contains a PoC for local privil...

6.6CVSS6.8AI score0.01467EPSS
Exploits10
Rapid7 Blog
Rapid7 Blog
added 2022/03/28 12:30 p.m.3505 views

Analyzing the Attack Landscape: Rapid7’s 2021 Vulnerability Intelligence Report

Every year, our research team at Rapid7 analyzes thousands of vulnerabilities to understand root causes, dispel misconceptions, and explain why some flaws are more likely to be exploited than others. By continuously reviewing the vulnerability landscape and sharing our research team’s insights, w...

9.3CVSS0.3AI score0.99999EPSS
Exploits362
Schneier on Security
Schneier on Security
added 2022/03/21 3:22 p.m.21 views

Developer Sabotages Open-Source Software Package

This is a big deal: A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source software. The applicatio...

0.9AI score
Exploits0
Rows per page
Query Builder