HOME

Featured Articles

Mp3splt 2.6.2 crafted Denial Of Service Vulnerability

mp3splt is a command line utility to split mp3 and ogg files without decoding.A fuzz on it discovered a NULL pointer access.

September 20, 2017

WordPress 4.7.1 commands Execute Code Sql Injection Vulnerability

WordPress is prone to a SQL injection vulnerability.This allows remote attackers to execute arbitrary SQL commands via certain vulnerable vectors.

August 21, 2017

Trend Micro Smart Protection Server 3 webapps Execute Code Vulnerability

Trend Micro Smart Protection Server is prone to a local code-execution vulnerability.This allows a local attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.

September 18, 2017

Oracle Partner Management 12.1.1 HTTP Remote Code Execution Vulnerability

A remote user can exploit a flaw in the Oracle Partner Management User Interface component to partially modify data

September 27, 2017

Security News

McAfee ePolicy Orchestrator Cloud update fixes multiple Cross-Site Request Forgery Vulnerabilities

Clustered Data ONTAP 9.0 and higher Denial of Service Vulnerability

LCDS LAquis SCADA prior to version 4.1.0.4150 Remote Code Execution Vulnerability

Oracle Universal Work Queue 12.1.1 accessible Remote Code Execution Vulnerability

Oracle Universal Work Queue is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.

Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability

Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there is not enough content octets in the ASN.1 object, then the function will fail and the memory block will be zeroed even if its unused. There is a noticeable delay during the wipe for a large allocation.

HOME

Featured Articles

Mp3splt 2.6.2 crafted Denial Of Service Vulnerability

WordPress 4.7.1 commands Execute Code Sql Injection Vulnerability

Trend Micro Smart Protection Server 3 webapps Execute Code Vulnerability

Oracle Partner Management 12.1.1 HTTP Remote Code Execution Vulnerability

Security News

McAfee ePolicy Orchestrator Cloud update fixes multiple Cross-Site Request Forgery Vulnerabilities

Clustered Data ONTAP 9.0 and higher Denial of Service Vulnerability

LCDS LAquis SCADA prior to version 4.1.0.4150 Remote Code Execution Vulnerability

Oracle Universal Work Queue 12.1.1 accessible Remote Code Execution Vulnerability

Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability

Tools

‘Apache mod_rewrite Vulnerability PoC’

‘netsniff-ng – A Linux Network Analyzer and Networking Toolkit’

‘Simple Local File Inclusion Exploiter’

‘NiX A Linux Brute Forcer’

Exploits

BlueBorne Kernel version v3.3-rc1 Denial Of Service Vulnerability

X5 Webserver 5.0 Remote Denial Of Service Exploit

E-Journal (Old Version) Multiple Vulnerabilities

C.P.Sub Multiple Default Credentials Vulnerability

Unix

‘ProFTPD Response Pool Use-After-Free Code Execution Vulnerability’

‘Insight Control for Linux Multiple Vulnerabilities’

‘HP-UX Running NFS/ONCplus Denial of Service Vulnerability’

‘HP-UX Running BIND Denial of Service Vulnerability 2011’

‘HP-UX Running XNTP Denial of Service Vulnerability’

Windows NT

Microsoft Office Use After Free Memory Corruption Vulnerabilities

Microsoft Windows Local Privilege Escalation Vulnerabilities

Microsoft Internet Explorer Cross-Domain Information Disclosure Vulnerabilities

Microsoft Internet Explorer Execute Arbitrary Code Remote Memory Corruption Vulnerabilities

Brought to you by:

Categories

TyphoonCon 2019 // All offensive security conference

Stay up-to-date

Recent Posts