Debian DLA-1717-1 : rdflib security update

The CLI tools in python-rdflib-tools can load python modules found in the current directory. This happens because 'python -m' appends the current directory in the python path. For Debian 8 'Jessie', this problem has been fixed in version 4.1.2-3+deb8u1. We recommend that you upgrade your rdflib...

Armory - A Tool Meant To Take In A Lot Of External And Discovery Data From A Lot Of Tools, Add It To A Database And Correlate All Of Related Information

Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information. It isn't meant to replace any specific tool. It is meant to take the output from various tools, and use it to feed other tools. Additionally, ...

Low: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Red Hat OpenStack Platform 14.0 Rocky. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

[SECURITY] [DLA 1717-1] rdflib security update

Package : rdflib Version : 4.1.2-3+deb8u1 CVE ID : CVE-2019-7653 Debian Bug : 921751 The CLI tools in python-rdflib-tools can load python modules found in the current directory. This happens because "python -m" appends the current directory in the python path. For Debian 8 "Jessie", this problem...

Mad-Metasploit - Metasploit Custom Modules, Plugins & Resource Scripts

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection https://www.hahwul.com/p/mad-metasploit.html Awesome open awesome.md Add mad-metasploit to metasploit framework 1. config your metasploit-framework directory $ vim config/config.rb $metasploitpath =...

org.aksw.sparqlify:sparqlify-cli (=0.8.3), org.aksw.sparqlify:sparqlify-core (=0.8.3) +2 more potentially affected by CVE-2017-12625 via org.apache.hive:hive-service (=2.3.0)

org.apache.hive:hive-service MAVEN version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-service and may be impacted: - org.aksw.sparqlify:sparqlify-cli =0.8.3 - org.aksw.sparqlify:sparqlify-core =0.8.3 -...

Security Bulletin: IBM BladeCenter Switch Modules are affected by vulnerability in OpenSSL (CVE-2018-0732)

Summary IBM BladeCenter Switch Modules have addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key...

The vulnerability of the linux-astra-modules package of the Astra Linux operating system, which allows a hacker to circumvent established security policy rules

The vulnerability of the linux-astra-modules package in the Astra Linux operating system is related to an access control permission assignment error, which allows for bypassing the closed software environment by writing to /proc/$PID/mem. Exploiting this vulnerability can enable a perpetrator to...

The vulnerability of the linux-astra-modules package of the Astra Linux operating system allows a hacker to gain unauthorized access to data.

The vulnerability of the linux-astra-modules package in the Astra Linux operating system is related to an error that causes information leakage through the prlimit utility for reading/setting limit values. Exploiting this vulnerability can allow a perpetrator to gain unauthorized access to data...

The vulnerability of the linux-astra-modules package of the Astra Linux operating system, which allows users to compromise data integrity

The vulnerability of the linux-astra-modules package in the Astra Linux operating system is related to an access control check failure, which allows a non-privileged user to modify file integrity markers. Exploiting this vulnerability could enable a user to compromise data integrity...

CVE-2019-1615

CVE-2019-1615 concerns Cisco NX-OS Software Image Signature Verification. Affected: Nexus 3000 Series switches; Nexus 9000 Series Fabric Switches in ACI Mode; Nexus 9000 Series in Standalone NX-OS Mode; Nexus 9500 R‑Series Line Cards and Fabric Modules. Root cause: improper verification of digita...

CVE-2019-1611 Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

Input validation

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signature...

CVE-2019-1611

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

Input validation

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

CVE-2019-1604

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to an incorrect authorization check of user accounts and their associated Group ID GID. An...

CVE-2019-1603

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the...

CVE-2019-1600

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system...

CVE-2019-1600 Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system...

CVE-2019-1600

CVE-2019-1600 concerns Cisco FXOS and NX-OS software. The vulnerability arises from improper file system permissions, allowing an authenticated, local attacker to access or modify restricted files and potentially expose sensitive data stored on the system. Affected products include Cisco FXOS/NX-...