CVE VULNERABILITIES

Vuln: Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability

Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability Bugtraq ID: 108359 Class: Boundary Condition Error CVE: CVE-2019-10975 Remote: No Local: Yes Published: May 16 2019 12:00AM Updated: May 16 2019 12:00AM Credit: kimiya of 9SG Security Team, working with Trend Micro Zero Day Initiative Vulnerable: Fuji Electric Alpha7 PC Loader 1.1 Not […]

TIPS WORLD ВРАЗЛИВОСТІ

JWT Tool – A Toolkit For Testing, Tweaking And Cracking JSON Web Tokens

jwt_tool.py is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for the alg=None signature-bypass vulnerability Testing the validity of a secret/key/key file Identifying weak keys via a High-speed Dictionary Attack Forging new token header […]

TIPS WORLD ВРАЗЛИВОСТІ

Trigmap – A Wrapper For Nmap To Automate The Pentest

Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect informations into a well organized directory hierarchy. The use of Nmap makes the script portable (easy to run not only on Kali Linux) and very efficient thanks to the optimized Nmap algorithms.DetailsTrigmap can performs several tasks […]

CVE VULNERABILITIES

Vuln: Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities Bugtraq ID: 102039 Class: Unknown CVE: CVE-2017-7843CVE-2017-7844 Remote: Yes Local: No Published: Nov 29 2017 12:00AM Updated: May 15 2019 05:00PM Credit: Konark,Daniel Jackson. Vulnerable: Mozilla Firefox 53.0.2Mozilla Firefox 50.0.2Mozilla Firefox 50.0.1Mozilla Firefox 43.0.2Mozilla Firefox 43.0.1Mozilla Firefox 41.0.2Mozilla Firefox 39.0.3Mozilla Firefox 37.0.2Mozilla Firefox 37.0.1Mozilla Firefox 36.0.4Mozilla Firefox 31.8Mozilla Firefox […]

CVE VULNERABILITIES

Vuln: Dnsmasq VU#973527 Multiple Security Vulnerabilities

Bugtraq ID: 101085 Class: Failure to Handle Exceptional Conditions CVE: CVE-2017-14491CVE-2017-14492CVE-2017-14493CVE-2017-14494CVE-2017-14495CVE-2017-14496CVE-2017-13704 Remote: Yes Local: Yes Published: Oct 02 2017 12:00AM Updated: Oct 02 2017 12:00AM Credit: Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team Vulnerable: Ubuntu Ubuntu Linux 17.04Ubuntu Ubuntu Linux 16.04 LTSUbuntu Ubuntu Linux 14.04 […]

CVE VULNERABILITIES

Vuln: RETIRED: Multiple Siemens SCALANCE Products Multiple Security Vulnerabilities

Multiple Siemens SCALANCE Products Multiple Security Vulnerabilities Bugtraq ID: 101977 Class: Input Validation Error CVE: CVE-2017-14491CVE-2017-14495CVE-2017-14496CVE-2017-13704 Remote: Yes Local: No Published: Nov 28 2017 12:00AM Updated: Dec 19 2017 10:37PM Credit: The vendor reported these issues. Vulnerable: Siemens SCALANCE W1750D 0Siemens SCALANCE S615 0Siemens SCALANCE M800 0 Not Vulnerable:

CVE VULNERABILITIES

Vuln: Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability

Vulnerable: Mozilla Firefox ESR 52.1.1Mozilla Firefox ESR 45.5.1Mozilla Firefox ESR 38.6.1Mozilla Firefox ESR 38.5.2Mozilla Firefox ESR 38.5.1Mozilla Firefox ESR 38.1.1Mozilla Firefox ESR 31.5.3Mozilla Firefox ESR 24.1Mozilla Firefox ESR 24.0.1Mozilla Firefox ESR 17.0.10Mozilla Firefox ESR 17.0.9Mozilla Firefox ESR 17.0.7Mozilla Firefox ESR 17.0.6Mozilla Firefox ESR 17.0.5Mozilla Firefox ESR 17.0.4Mozilla Firefox ESR 17.0.3Mozilla Firefox ESR 17.0.2Mozilla Firefox ESR […]

Linux TIPS WORLD

Machinae v1.4.8 – Security Intelligence Collector

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes, and SSL fingerprints. It was inspired by Automater, another excellent tool for collecting information. The Machinae project was born from wishing to improve Automater in 4 areas: Codebase – Bring […]

Linux TIPS WORLD

WAFW00F v1.0.0 – Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products. How does it work?To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to […]