CVE-2020-24612

An issue was discovered in the selinux-policy aka Reference Policy package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode, pam-u2f is not allowed to read the user's U2F configuration file. If configured with the nouserok...

PT-2020-15683 · Trousers +6 · Trousers +6

Name of the Vulnerable Software and Affected Versions: TrouSerS versions prior to 0.3.14 Description: An issue was discovered where the tss user still has read and write access to the /etc/tcsd.conf file, which contains various settings related to the tcsd daemon, if the daemon is started with ro...

CVE-2020-15099

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case t...

The vulnerability of the config_file() function in the procps-ng command-line utility allows a hacker to escalate their privileges.

The vulnerability of the configfile function in the procps-ng command-line utility is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious individual to increase their privileges...

Unspecified Vulnerability in CloudBees Jenkins TestComplete support Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . TestComplete support Plugin is used in one of the un...

Mattermost Server Information Disclosure Vulnerability (CNVD-2020-35329)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 3.0.0. The vulnerability can be exploited to obtain sensitive information credentials field in config.json through the system...

Mattermost Server Access Control Error Vulnerability (CNVD-2020-35180)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. An Access Control Error vulnerability exists in Mattermost Server, which stems from the program assigning the wrong permissions to a configuration file and can be exploited by an attacker to elevate...

Juniper Configuration Importer

This module imports a Juniper ScreenOS or JunOS device configuration. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Juniper Configuration Importer', 'Description' = %q This module imports a...

h1-ctf: [H1-2006 2020] Writeup

^FLAG^736c635d8842751b8aafa556154eb9f3$FLAG$ Prologue The CTF was announced in a Hacker0x01 tweet. The goal is to make payments from Marten Mickos' account on BountyPayHQ. The announcement tweet was followed shortly by a retweet of BountypayHQ, an account made for the event. BountypayHQ has one...

Navigate CMS 2.8.7 Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

Navigate CMS 2.8.7 - Authenticated Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link:...

Emerson OpenEnterprise Rights Mismanagement Vulnerability

Emerson Electric OpenEnterprise is a data acquisition and monitoring system SCADA from Emerson Electric, primarily for remote oil and gas applications. A security vulnerability exists in Emerson Electric OpenEnterprise 3.3.4 and prior versions, which arises from the program setting insecure...

PT-2020-13279 · Frrouting +4 · Frrouting Frr +4

Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions through 7.3.1 Description: An issue was discovered in FRRouting FRR when using the split-config feature. The init script creates an empty config file with world-readable default permissions, leading to a possible...

Lk Scraper - An Fully Configurable Linkedin Scrape (Scrape Anything Within Linkedin)

Scrapes Any Linkedin Data Installation $ pip install git+git://github.com/jqueguiner/lkscraper Setup Using Docker compose $ docker-compose up -d $ docker-compose run lkscraper python3 Using Docker only forselenium server First, you need to run a selenium server $ docker run -d -p 4444:4444...

CloudBees Jenkins Copr Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Copr Plugin is used in one of the support in...

procps: Local privilege escalation in top

If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of...

Git-Hound v1.1 - GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System

A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit history searching, and a unique result scoring system. GitHound has earned me over $7500 applied to Bug Bounty research...

procps: Local privilege escalation in top

If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of...

iNextrix Technologies iNextrix ASTPP Security Feature Issue Vulnerability

INextrix Technologies INextrix ASTPP is an open source VoIP Voice over IP billing solution from INextrix Technologies, UK. iNextrix Technologies A security feature issue vulnerability exists in versions prior to iNextrix ASTPP 4.0.1, which stems from the...

CVE-2020-10567

An issue was discovered in Responsive Filemanager through 9.14.0. In the ajaxcalls.php file in the saveimg action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF...