Odin Secure FTP Expert version 7.6.3 suffers from a denial of service vulnerability.
3a1f3beac853f307a3dec540dfb41e2f7a1608f74b3bdcb720afcaa8658f97ec
The F-SECURE parsing engine supports the GZIP Archive. The parsing engine can be bypassed by manipulating a GZIP archive (Compression Method). This way the user can extract the file but the AV engine cannot, giving the file a clean pass. Various products and versions are affected.
fbec8e3dcdca05c0034af0f09e6fb074d27522a6d8e9187b70e6a9d79f55cbb6
Magento WooCommerce CardGate Payment Gateway version 2.0.30 suffers from a payment process bypass vulnerability.
faccc20610a3a485e40c8340014f14252b181308de06bde1189b8099b5152e83
WordPress WooCommerce CardGate Payment Gateway plugin version 3.1.15 suffers from a payment process bypass vulnerability.
a79f6e70d79d0bbd251fcd42cf7519f4652fb1db94246fdb6a843e6050ef98cc
Red Hat Security Advisory 2020-0569-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include a buffer overflow vulnerability.
ac8780ccf7ec8b034e2d6101dbc82ae39cb422eb9e25972542de67c83c777922
Red Hat Security Advisory 2020-0568-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability was addressed.
5de0bbb6699431ef7e8cbd8a14c69a7099f6565c7ff8b2acdd2da3274058a2e7
aSc TimeTables version 2020.11.4 suffers from a denial of service vulnerability.
e516cbc6065b4c0b943f8929990fe4df684ca4d488ed7fd5eaf9cf50da511873
SpotFTP-FTP Password Recover version 2.4.8 suffers from a denial of service vulnerability.
5e41cf6c43c67e460d79ebf01edc185c230c3d47dcc1b268f45f86d884c4fad9
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
059f778453ebf05b38e9c6c837d3b3eb9b8921c8fdc6d4029df89f2b0e84f5b7
Revotech I6032B-P POE 1920x1080P 2.0MP outdoor camera remote configuration disclosure exploit.
2dd95f8f62e44d9656a918eb11e037b6c49bdd6aefe12a1672dba2e61ed3ed0c
ACE SECURITY WiP-90113 HD Camera remote configuration disclosure exploit.
6916b07ac8bcc724cf06bc0d61dfb00e6fc86ec46c67c3d7bc120ee01f3ea142
SecuSTATION IPCAM-130 HD Camera remote configuration disclosure exploit.
5248a332c14173ed932ac2f2b69e6a33ef94ff538449017e209642aa506091a7
Android Binder use-after-free exploit.
8311b9bec91595d2878834472570bf80e596b211d30a53cac581c4c7c5478c85
CandidATS version 2.1.0 suffers from a cross site request forgery vulnerability.
8a5d41eefc55ecf696f83456d882d33e724246603c39694a0a9b773a9a12e6b4
DotNetNuke CMS version 9.4.4 suffers from a zip split issue where a directory traversal attack can be performed to overwrite files or execute malicious code.
d7f640e068cc427c77cf0775692e1b37581935a6fffb794aa7b0884bad7c39e4
Whitepaper called The Shellshock Attack. It covers all of the required topics for understanding the Shellshock vulnerability. The proof of concept will help visualize and perform the attack in a virtual scenario to understand the attack vector and the process of exploitation.
911ddfdb2d8d3316d578473484a868f3f33c7e8b474aaaa190e0818ebd06ea42
eLection version 2.0 suffers from a remote SQL injection vulnerability.
b8a7a60bf9f292c7b2a6a5f5c286439e0f6a8c97ea9b8db5bcbd4e31a8376de6
DotNetNuke CMS version 9.5.0 suffers from a file extension check bypass vulnerability that allows for arbitrary file upload.
3ebf9bd3e2a530a983c3320a442ce6dc9f95b838d5b8220e87da6bd1463f660b
Cross site scripting attacks can be launched against DotNetNuke CMS version 9.5.0 by uploading a malicious XML file.
684ec5f82a14d391aa0415bab3df31b22c06b2ee51e1001641a742fe6b4c2b9e
Quick N Easy Web Server versions 3.3.8 and below suffer from a denial of service vulnerability.
9ff50e2bb29ee8fefd1dd5066887df5f5a6c1af6b6eb8a6564ce004d6bcd606f
Avaya IP Office Application Server version 11.0.0.0 suffers from a cross site scripting vulnerability.
141b96e0c0fbd22625053771848ee88f46c4cf8fe74eb8f95012ee46b330dd2d
This document is intended for students and security professionals as a quick reference for networking protocols. It covers 50 protocols classified according to the OSI Layer they operate on. The corresponding RFC has been provided to further check for parameters / commands of a particular protocol. From a security perspective, the corresponding attacks / vulnerabilities are also included in this cheatsheet.
4ae048d7061779872feeaba89b1f42cb9adcbb7b27fd89275e80e93dd0279d75
Whitepaper called SCADA Modbus Vulns. Written in Turkish.
8633097aedb819d866366ea6b177ddcb62a9f9417f7e399797c30cf58701f612
ManageEngine EventLog Analyzer version 10.0 suffers from an information disclosure vulnerability.
2f996c0ff60c3960ca9dd388e6e18f3a81c90061a56fad8a8d4e73bd747bfcc3
ATutor version 2.2.4 suffers from a remote SQL injection vulnerability.
e1926912b31ec559709af89d502a88acfe99b72aab9f35f9d21f289e65d21149