Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution Exploit

Disclosed: April 08, 2014

This module takes advantage of two vulnerabilities in order to gain remote code execution as root as an otherwise non-privileged authorized user. By taking advantage of a mass assignment vulnerability that allows an unprivileged authenticated user to change the administrator's password hash, the module updates the passw...

OpenSSL Heartbeat (Heartbleed) Information Leak Exploit

Disclosed: April 07, 2014

This module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable.

OpenSSL Heartbeat (Heartbleed) Client Memory Exposure Exploit

Disclosed: April 07, 2014

This module provides a fake SSL service that is intended to leak memory from client systems as they connect. This module is hardcoded for TLS/1.1 using the AES-128-CBC-SHA1 cipher.

eScan Web Management Console Command Injection Exploit

Disclosed: April 04, 2014

This module exploits a command injection vulnerability found in the eScan Web Management Console. The vulnerability exists while processing CheckPass login requests. An attacker with a valid username can use a malformed password to execute arbitrary commands. With mwconf privileges, the runasroot utility can be abused to ...

MS14-017 Microsoft Word RTF Object Confusion Exploit

Disclosed: April 01, 2014

This module creates a malicious RTF file that, when opened in vulnerable versions of Microsoft Word, will lead to code execution. The flaw exists in how a listoverridecount field can be modified to treat one structure as another. This bug was originally seen being exploited in the wild starting in April 201...

PostgreSQL class C vulnerability in core server: CVE-2014-0060 Vulnerability

  • Severity: 4
  • Published: March 31, 2014

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.

...