com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework (=0.1.0), com.hubspot.mesos.rx.java:mesos-rxjava-protobuf-client (=0.1.0) +4 more potentially affected by CVE-2018-11793 via org.apache.mesos:mesos (=1.6.1)

org.apache.mesos:mesos MAVEN version =1.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.mesos:mesos and may be impacted: - com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework =0.1.0 -...

Xoops 1.0.2 PD-Links 1.0 Database Disclosure

Exploit Title : Xoops 1.0.2 PD-Links Modules 1.0 Krobi Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 03/03/2019 Vendor Homepage : xoops.org power-dreams.com Software Download Link : xoops.org/modules/repository/visit.php?cid=40&lid=1491...

[SECURITY] Fedora 28 Update: ansible-2.7.8-1.fc28

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 29 Update: ansible-2.7.8-1.fc29

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Metasploit Cheat Sheet

The Metasploit Project is a computer security project that provides information on vulnerabilities, helping in the development of penetration tests and IDS signatures. Metasploit is a popular tool used by pentest experts. Metasploit : Search for module: msf search regex Specify and exploit to use...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

BeEF - The Browser Exploitation Framework Project

What is BeEF? BeEF is short for The BrowserExploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual securi...

[SECURITY] Fedora 29 Update: dnf-4.1.0-1.fc29

Utility that allows users to manage packages on their systems. It supports RPMs, modules and comps groups & environments...

Encryption of Federal Data

One of the biggest challenges our customers face when pursuing Federal Risk and Authorization Management Program FedRAMP compliance is the federal mandate that Federal Information Processing Standards FIPS 140-2 validated cryptographic modules must be consistently applied where cryptography is...

[SECURITY] Fedora 29 Update: jackson-modules-base-2.9.8-1.fc29

Jackson "base" modules: modules that build directly on databind, and are not data-type, data format, or JAX-RS provider modules...

Fibratus - Tool For Exploration And Tracing Of The Windows Kernel

Fibratus is a tool which is able to capture the most of the Windows kernel activity - process/thread creation and termination, context switches, file system I/O, registry, network activity, DLL loading/unloading and much more. The kernel events can be easily streamed to a number of output sinks...

Node.js third-party modules: [url-parse] Improper Validation and Sanitization

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report Improper...

Slims CMS Senayan Library Management System 7.0 Shell Upload

Exploit Title : Slims CMS Senayan Library Management System 7.0 Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Team Date : 13/02/2019 Vendor Homepage : slims.web.id Software Download Link : github.com/slims/...

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:0161-1 Rating: important References: 1120431 1122293 1122299 Cross-References: CVE-2018-11212 CVE-2019-2422 CVE-2019-2426 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilitie...

IP-Tools 2.5 - 'Log to file' Local Buffer Overflow (SEH) (Egghunter)

!/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: IP-Tools 2.5 - Local Buffer OverflowEggHunter Date: 2019-02-06 Author: Juan Prescotto Tested Against: Win7 Pro SP1 64 bit Software...