13313 matches found
hacking-material-books
This repository is an offensive tool for Metasploit and Nmap scripting. It contains a collection of articles and resource files for Metasploit RC/ERB scripting, Nmap NSE scripting, and bash programming. The repository includes examples of how to use Metasploit RC/ERB scripting to automate tasks,...
Gopherus
This tool is called Gopherus and it generates gopher links for exploiting Server-Side Request Forgery SSRF and gaining Remote Code Execution RCE in various servers. The tool can be used to exploit vulnerabilities in MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP servers. The tool...
OESA-2025-1889 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
OESA-2025-1888 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
NewStart CGSL MAIN 7.02 : ghostscript Multiple Vulnerabilities (NS-SA-2025-0121)
The remote NewStart CGSL host, running version MAIN 7.02, has ghostscript packages installed that are affected by multiple vulnerabilities: - Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword e.g., for runpdf has a \000 byte in the middle. CVE-2024-29509 - Artifex...
Security update for php7
This update for php7 fixes the following issues: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...
SUSE-SU-2025:02473-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML...
Security update for php8
This update for php8 fixes the following issues: CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...
SUSE-SU-2025:02463-1 Security update for php8
This update for php8 fixes the following issues: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML...
SUSE-SU-2025:02462-1 Security update for php8
This update for php8 fixes the following issues: Version update to 8.3.23: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP...
SUSE SLES15 Security Update : postgresql17 (SUSE-SU-2025:01783-2)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:01783-2 advisory. Upgrade to 17.5: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation...
Security update for postgresql17
This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...
Security Bulletin: Multiple Vulnerabilities Affected for EDB
Summary Multiple Vulnerabilities Affected for EDB has been addressed for EDB PostgreSQL with IBM and EDB Postgres Advanced Server with IBM Vulnerability Details CVEID:CVE-2025-1094 DESCRIPTION: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral,...
Security Bulletin: Multiple Vulnerabilities Affected for EDB
Summary Multiple Vulnerabilities Affected for EDB has been addressed for EDB PostgreSQL with IBM and EDB Postgres Advanced Server with IBM Vulnerability Details CVEID:CVE-2025-1094 DESCRIPTION: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral,...
How to Install and Configure PgBouncer for Veeam Backup for Microsoft 365
PgBouncer must not be deployed on the machine where Veeam Backup for Microsoft 365 is installed. This article is intended only for deployments where the PostgreSQL Instance used by Veeam Backup for Microsoft 365 is hosted on its own dedicated server. For deployments of Veeam Backup for Microsoft...
BIT-PHP-2025-1735 pgsql extension does not check for errors during escaping
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
DEBIAN-CVE-2025-1735
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
AZL-65124 CVE-2025-1735 affecting package php for versions less than 8.1.33-1
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
AZL-65121 CVE-2025-1735 affecting package php for versions less than 8.3.23-1
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
UBUNTU-CVE-2025-1735
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...