XIP - Tool To Generate A List Of IP Addresses By Applying A Set Of Transformations Used To Bypass Security Measures E.G. Blacklist Filtering, WAF, Etc.

XIP generates a list of IP addresses by applying a set of transformations used to bypass security measures e.g. blacklist filtering, WAF, etc. Further explaination on our blog post article Usage python3 xip.py --help Docker alternative Official image You can pull the official Drupwn image from th...

ALPINE-CVE-2019-6978

The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected...

Sn0Int - Semi-automatic OSINT Framework And Package Manager

sn0int is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. sn0int is enumerating attack surface by semi-automatically processing public information and mapping the result...

alpine-luftbild.at XSS vulnerability

Open Bug Bounty ID: OBB-714654 Description| Value ---|--- Affected Website:| alpine-luftbild.at Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidd...

CVE-2018-1000849

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...

CVE-2018-1000849

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...

Remote code execution

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...

CVE-2018-1000849

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...

CVE-2018-1000849

CVE-2018-1000849 affects Alpine Linux, where the package manager apk-tools prior to versions 2.6.10, 2.7.6, and 2.10.1 contains a vulnerability that can lead to remote code execution. The root cause is described as bugs in handling long link target names and in the extraction of regular files, al...

ALPINE-CVE-2018-18312

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

ALPINE-CVE-2018-16737

tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation...

ALPINE-CVE-2018-17540

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate...

ALPINE-CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

ALPINE-CVE-2018-15173

Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...

ALPINE-CVE-2018-10906

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse configuration. An attack...

ALPINE-CVE-2018-14447

trimwhitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read...

SUSE-SU-2018:1448-1 Security update for openstack-nova

This update for openstack-nova fixes the following bugs and security issues: The following security-issue has been fixed: - CVE-2017-18191: libvirt: Block swap volume attempts with encrypted volumes. bsc1081685 Additionally, the following bugs have been fixed: - Set TasksMax to infinity for...

alpine-initiative.ch XSS vulnerability

Open Bug Bounty ID: OBB-616722 Description| Value ---|--- Affected Website:| alpine-initiative.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Easy Windows and Linux cross-compilers for macOS

tl;dr: you can install cross-compiler toolchains to compile C/C++ for Windows or Linux from macOS with these two Homebrew Formulas. brew install FiloSottile/musl-cross/musl-cross brew install mingw-w64 Cross-compiling C and C++ is dreadful. While in Go you just need to set an environment variable...

ALPINE-CVE-2018-6198

w3m through 0.5.3 does not properly handle temporary files when the /.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files...