#exploit
1. CVE-2021-31184:
Information disclosure in Microsoft Windows
Infrared Data Association (IrDA)
https://github.com/waleedassar/CVE-2021-31184
2. CVE-2021-22545:
A CVE from BinDiff & IDA Pro
https://jhftss.github.io/CVE-2021-22545
1. CVE-2021-31184:
Information disclosure in Microsoft Windows
Infrared Data Association (IrDA)
https://github.com/waleedassar/CVE-2021-31184
2. CVE-2021-22545:
A CVE from BinDiff & IDA Pro
https://jhftss.github.io/CVE-2021-22545
GitHub
GitHub - waleedassar/CVE-2021-31184
Contribute to waleedassar/CVE-2021-31184 development by creating an account on GitHub.
OSINT: Cómo detectar que tu cuenta de Telegram ha sido bloqueada
http://feedproxy.google.com/~r/elladodelmal/~3/q555kcJL_w8/osint-como-detectar-que-tu-cuenta-de.html
http://feedproxy.google.com/~r/elladodelmal/~3/q555kcJL_w8/osint-como-detectar-que-tu-cuenta-de.html
Elladodelmal
OSINT: Cómo detectar que tu cuenta de Telegram ha sido bloqueada
Blog personal de Chema Alonso (CDO Telefónica, 0xWord, MyPublicInbox, Singularity Hackers) sobre seguridad, hacking, hackers y Cálico Electrónico.
Los grupos de ramsoware han adoptado exploits para PrintNightmare. https://t.co/VHgOq7SpmV
phaser – Automated attack surface mapper and vulnerability scanner
https://reconshell.com/phaser-automated-attack-surface-mapper-and-vulnerability-scanner/
https://reconshell.com/phaser-automated-attack-surface-mapper-and-vulnerability-scanner/
Penetration Testing Tools, ML and Linux Tutorials
phaser - Automated attack surface mapper and vulnerability scanner - Penetration Testing Tools, ML and Linux Tutorials
Phaser is a high-performance and automated attack surface mapper and vulnerability scanner. Just point it to a target, and it will autimagically generate a
Rapid7 discloses a new UNPATCHED vulnerability (CVE-2021-22123) in Fortinet's Fortiweb Web Application Firewall (WAF) appliances that could be exploited by a remote, authenticated attacker to execute malicious commands on the system.
Read: https://thehackernews.com/2021/08/unpatched-remote-hacking-zero-day-flaw.html
Read: https://thehackernews.com/2021/08/unpatched-remote-hacking-zero-day-flaw.html
Vulnerabilidad crítica afecta a millones de dispositivos IoT
https://blog.segu-info.com.ar/2021/08/vulnerabilidad-critica-afecta-millones.html
https://blog.segu-info.com.ar/2021/08/vulnerabilidad-critica-afecta-millones.html
Segu-Info - Ciberseguridad desde 2000
Vulnerabilidad crítica afecta a millones de dispositivos IoT
Cisco Releases Security Updates for Multiple Products
Original release date: August 19, 2021
https://us-cert.cisa.gov/ncas/current-activity/2021/08/19/cisco-releases-security-updates-multiple-products
Original release date: August 19, 2021
https://us-cert.cisa.gov/ncas/current-activity/2021/08/19/cisco-releases-security-updates-multiple-products
us-cert.cisa.gov
Cisco Releases Security Updates for Multiple Products | CISA
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco…
📃 "¿Cómo funciona ARPspoof?" https://www.welivesecurity.com/la-es/2014/02/11/como-funciona-arpspoof/
WeLiveSecurity
¿Cómo funciona ARPspoof?
ARPspoof es una técnica usada comúnmente por atacantes en redes internas para ataques MITM, DOS o para explotar algún fallo en la victima para obtener acceso al equipo en combinación con técnicas como DNSspoof y sniffing, entre otras. Address Resolution Protocol…
Cisco Expressway Series and TelePresence Video Communication Server Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewrce-QPynNCjh?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Expressway%20Series%20and%20TelePresence%20Video%20Communication%20Server%20Remote%20Code%20Execution%20%20Vulnerability&vs_k=1
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user.
This vulnerability is due to incorrect handling of certain crafted software images that are uploaded to the affected device. An attacker could exploit this vulnerability by authenticating to the system as an administrative user and then uploading specific crafted software images to the affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewrce-QPynNCjh
Security Impact Rating: Medium
CVE: CVE-2021-34716
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewrce-QPynNCjh?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Expressway%20Series%20and%20TelePresence%20Video%20Communication%20Server%20Remote%20Code%20Execution%20%20Vulnerability&vs_k=1
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user.
This vulnerability is due to incorrect handling of certain crafted software images that are uploaded to the affected device. An attacker could exploit this vulnerability by authenticating to the system as an administrative user and then uploading specific crafted software images to the affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewrce-QPynNCjh
Security Impact Rating: Medium
CVE: CVE-2021-34716
Cisco
Cisco Security Advisory: Cisco Expressway Series and TelePresence Video Communication Server Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root…
[webapps] Charity Management System CMS 1.0 - Multiple Vulnerabilities
Charity Management System CMS 1.0 - Multiple Vulnerabilities
https://www.exploit-db.com/exploits/50217
Charity Management System CMS 1.0 - Multiple Vulnerabilities
https://www.exploit-db.com/exploits/50217
Exploit Database
Charity Management System CMS 1.0 - Multiple Vulnerabilities
Charity Management System CMS 1.0 - Multiple Vulnerabilities.. webapps exploit for PHP platform
Internet Systems Consortium (ISC) fixes High-Severity DoS flaw in BIND DNS Software
The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software.
The Internet Systems Consortium (ISC) has released security updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2021-25218, that affects its BIND DNS software.
https://securityaffairs.co/wordpress/121316/security/bind-dns-dos-flaw.html
The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software.
The Internet Systems Consortium (ISC) has released security updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2021-25218, that affects its BIND DNS software.
https://securityaffairs.co/wordpress/121316/security/bind-dns-dos-flaw.html
Security Affairs
Internet Systems Consortium (ISC) fixes High-Severity DoS flaw in BIND DNS Software
The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software.
CISA emite orientación sobre la protección de datos frente al ransomware
https://blog.segu-info.com.ar/2021/08/cisa-emite-orientacion-sobre-la.html
https://blog.segu-info.com.ar/2021/08/cisa-emite-orientacion-sobre-la.html
Segu-Info - Ciberseguridad desde 2000
CISA emite orientación sobre la protección de datos frente al ransomware
AdbNet - An Exploitation Framework for android devices
#AdbNet #ADB #Exploitation #Framework #Android #Exploit
https://reconshell.com/adbnet-an-exploitation-framework-for-android-devices/
#AdbNet #ADB #Exploitation #Framework #Android #Exploit
https://reconshell.com/adbnet-an-exploitation-framework-for-android-devices/
Penetration Testing Tools, ML and Linux Tutorials
AdbNet - An Exploitation Framework for android devices - Penetration Testing Tools, ML and Linux Tutorials
Create an account on censys.io and then go to your account page and get your free api_id and api_secret key and open 'adbnet.py' and edit in your api id and
ExploitDB Just tweeted ****************************************** [webapps] Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS) https://t.co/z8NMTKINbo
Exploit Database
Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS).. webapps exploit for PHP platform