[FD] hardwear.io 2019 Call For Papers is Open - USA & Netherlands

2019-04-04 Thread Yuliya Pliavaka
Dear InfoSec Gurus,

Hardwear.io Security Conference and Training is a platform for the hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware.

Submission Topics

hardwear.io accepts papers on any topic that discusses

[FD] SphereFTP 2.0 Denial Of Service

2019-04-04 Thread Sachin Wagh
#!/usr/bin/python
# Exploit Title: SphereFTP Server v2.0 Remote Denial of Service Vulnerability
# Date: 2019-31-03
# Exploit Author: Sachin Wagh (@tiger_tigerboy)
# Software Link: http://www.menasoft.com/sphereftp/sphereftp_win32_v20.zip
# Tested on: Windows 10 64-bit
import socket
import sys

[FD] DSA-2019-031: Dell EMC IsilonSD Management Server Cross-Site Scripting (XSS) Vulnerabilities

2019-04-04 Thread secure
Dell EMC Product Taxonomy IsilonSD Management Server Role Security Advisory Technically Signed Off by Product Management John Harr Engineering Team Phillip Nordwall Program Management David Geijsbeek Service Product Lead

[FD] CVE-2019-7727 - JMX/RMI Nice ENGAGE <= 6.5 Remote Command Execution

2019-04-04 Thread Red Timmy Sec -
Description
===
NICE Engage is an interaction recording platform. The default configuration in versions <= 6.5 (and possibly higher) binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute

[FD] Open-Xchange Security Advisory 2019-04-01

2019-04-04 Thread Open-Xchange GmbH via Fulldisclosure
Dear subscribers, we're sharing our latest advisory with you and would like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs (appsuite, dovecot, powerdns) at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH

[FD] Uniqkey Password Manager 1.14 - Remote Credential Disclosure

2019-04-04 Thread gionreale
> Uniqkey Password Manager 1.14 contains a vulnerability which causes remote credential disclosure under certain conditions.
> CVE-2019-10676

[FD] Various vulnerabilities in Lupusec XT2 Plus home alarm system

2019-04-04 Thread Dan Fabian
===
title: Multiple Vulnerabilities
product: Lupusec XT2 Plus Main Panel
version: Firmware 0.0.2.19E
homepage: https://www.lupus-electronics.de/
found: 01/2019