CMS Afroditi version 1.0 suffers from a remote blind SQL injection vulnerability.
24268d032758b3a26e8d832ca265c267accb897a59979da9cb5ffc116dcf3625
ACal version 2.2.6 suffers from authentication bypass, cross site scripting, and local file inclusion vulnerabilities.
511a1d027ab58b124b1f26063b3c337a2208eff63967679b47f5076351eb9b0c
Yersinia implements several attacks for the following protocols: Spanning Tree (STP), Cisco Discovery (CDP), Dynamic Host Configuration (DHCP), Hot Standby Router (HSRP), Dynamic Trunking (DTP), 802.1q and VLAN Trunking (VTP), helping a pen-tester with different tasks.
042abc466c5b470b97079e0049b4029a8cbb75d583cfbfb756fca76e460d40b4
Ophcrack version 3.6 local stack based buffer overflow exploit. Works on Windows 8 64-bit.
0be61e9632ecb1d28ddf2fffce00da4b5cfe5daf17694f3476753649c809805d
The call for papers for H2HC 11th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 18th through the 19th, 2014.
c0abc031dca8e02aaf8118e1e54cd66c1f8ff98c68ffff71cd13fdb60b178bb0
This program maps memory pages to the low range above 64k to avoid conflicts with /proc/sys/vm/mmap_min_addr and then triggers the virtual-86 mode. Due to unhandled FPU errors, task switch will fail afterwards, kernel will attempt to kill other tasks when switching.
ad658d72431edc17d84f7ede3e6041ec2ef755c6e9a6f0e063d9951b0dd8656f
Debian Linux Security Advisory 2829-1 - Multiple vulnerabilities have been found in the HP Linux Printing and in PackageKit and the insecure hp-upgrade service has been disabled.
7f66cf46f3fd1529cdf09546ae8258fcde1c2abdabfa3412509c82a4b988c067
NoticeBoardPro version 1.x suffers from a remote SQL injection vulnerability.
e0f9bb7c8e1aeac55b2e064f82d87116e084600e77beaa14dc364db6bee942a9
THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
52120bee2da3d25820f021b5c4d6fc79e220e685e2a505b74b48046b608cba8c
This Metasploit module exploits a vulnerability found in PhotoStore version 4.0.7. By abusing the uploadify.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
3bdbec107d32194db2d22bea603f8df3b12edc8ee908c6cb6fb759053cc04b0b
Debian Linux Security Advisory 2828-1 - Multiple vulnerabilities have been discovered in Drupal, a fully-featured request forgery protection, insecure pseudo random number generation, code execution and incorrect security token validation.
9fca0e872421aa3d505fa144d23009d1dc2627543758b7bd99600341f0efc3ac
Gentoo Linux Security Advisory 201312-16 - A vulnerability in Xfig could result in execution of arbitrary code or Denial of Service. Versions less than 3.2.5b-r1 are affected.
329cda66c4f48a35b5aad71508c2e2994cd0c1f2425e37faf5a3f26fa4e57ef8
This is a brief write-up called Twenty Reasons Why Mass Surveillance Is Dangerous.
a3b2989e9050e8ee56d2b66ee2be1883dd4ff40472f7b0d217eb8861368e23bf
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
37f1e7d5c241a3f4ce1e796eaace4f02f1908548c3c42a44f902f0ad2c67cf30
As prior disclosure to Snapchat has not resulted in fixes, the researchers at Gibson Security have released exploits and documentation on the previously undocumented API.
fac0b4639306a9c24f63349abdcdd3a9a44619200b2d4d71132244cce7879d9b
ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
3317782f2ed93f994a6fd03ed831a7bac730972a59fc5d84944923207d06687b
IBM Web Content Manager versions 6.x, 7.x, and 8.x suffer from blind XPath injection attacks. This allows an attacker to get current application configuration, enumerate nodes, and extract other valuable information from vulnerable installations of Web Content Manager.
69ed54de30dd34415932f287057413898bcb590a08bf4420d7b20ebaa5b7b2aa
This Metasploit module exploits a SQL injection vulnerability in the "explorer" action of "miq_policy" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier) by changing the password of the target account to the specified password.
b55583d572b94d5be808ddfcb5ca09620c6e831caa6772d47ef4ca397a0d8dfc
The PhishingAlert of Safari stops functioning in Windows systems if an abnormal URL is being used.
79d05414fca80bf21d6c2eb1c842e21bb4fd3ab573ff1e90f90b60fa32541ebb
Amazon Web Services Elastic Beanstalk suffers from a code execution vulnerability.
9627d5239332fca927a6137f308067102214ba471ccb72e6c5da1b446bc2f5dc
PHPSurveyor suffers from a remote shell upload vulnerability.
1ae2be6659eceab6f2fe08517e7d5ee0c444690d71d791f904fc264c5ccdc978
Ofilter Player version 1.1 integer division by zero exploit that creates a malicious .wav file.
82448eb9a0eb3e37a6df8d7c7ac93b3401c0c63f6d2f2ebbad44bb6503c592cc
This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.
8a8a413478986610cfe01a2463f28c4cb1a4e732df507042bac07cef2741232e
WordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.
00c782cd1bf296e3d433962ceb1d7976f641f78821242d9e2dcb9de59a95273c
AskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.
83e2b745be93d36c6d8f251eb3ff8e050c3d08d2693edf4929bbd4bd6f6b2a97