MS17-010

This repository is for public analysis of the MS17-010 vulnerability. The vulnerability is related to the SMB Server Message Block protocol and affects Windows operating systems. The repository contains various PoCs Proof of Concepts and exploits for different versions of Windows, including Windo...

Bbrecon - Python Library And CLI For The Bug Bounty Recon API

Bug Bounty Recon bbrecon is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet "safe harbor" attack surface, excluding out-of-scope targets. It comes with an ergonomic CLI and Python library. This...

python-rsa: decryption of ciphertext leads to DoS

A flaw was found in the python-rsa package, where it does not explicitly check the ciphertext length against the key size and ignores the leading 0 bytes during the decryption of the ciphertext. This flaw allows an attacker to perform a ciphertext attack, leading to a denial of service. The highe...

pwntools

This repository is an offensive tool for binary exploitation. It is a collection of common binary exploitation tools, including pwntools, a Python library for binary exploitation. The repository includes a variety of tools and scripts for exploiting vulnerabilities in binaries, including exploit...

[SECURITY] Fedora 32 Update: mingw-python3-3.8.3-3.fc32

MinGW Windows python3 library...

Pillow Buffer Overflow Vulnerability

Pillow is a Python based image processing library. A buffer overflow vulnerability exists in the libImaging/TiffDecode.c file in Pillow versions prior to 7.1.0. The vulnerability stems from a networked system or product that performs operations in memory without properly validating data boundarie...

[SECURITY] Fedora 31 Update: python-httplib2-0.18.1-3.fc31

A comprehensive HTTP client library that supports many features left out of other HTTP libraries...

Unspecified vulnerability in Open-iSCSI rtslib-fb

Open-iSCSI rtslib-fb is an object-based Python library for configuring LIO general purpose SCSI targets in the Linux kernel. A security vulnerability exists in Open-iSCSI rtslib-fb version 2.1.72 and earlier. No detailed vulnerability details are provided at this time...

UBUNTU-CVE-2020-14422

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...

PT-2021-6018 · Python +10 · Urllib3 +10

Name of the Vulnerable Software and Affected Versions: urllib3 versions prior to 1.26.5 Description: The issue is related to an HTTP client vulnerability in Python urllib3, which is associated with uncontrolled resource consumption. Exploitation of the vulnerability may allow a remote attacker to...

UBUNTU-CVE-2020-13092

DISPUTED scikit-learn aka sklearn through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load function, if reduce makes an os.system call. NOTE: third parties dispute this issue because the joblib.load function is documented as unsafe and it is the...

python-urllib3: Certification mishandle when error should be thrown

The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use o...

python: Cookie domain check returns incorrect results

http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostnam...

aequitas (>=0.26.0 <=0.42.0), ax (>=0.39.0 <=0.52.0) +27 more potentially affected by CVE-2020-11888 via markdown2 (>=2.3.0 <=2.3.8)

markdown2 PYPI version =2.3.0, =0.26.0, =0.39.0, =0.1.0, =0.5.29, =3.8.3, =0.0.1, =0.4.1, =0.0.1, =0.7.0a1, =0.2.2, =0.4.0rc1590080566 and more Source cves: CVE-2020-11888 Source advisory: OSV:PYSEC-2020-65...

Chepy - A Python Lib/Cli Equivalent Of The Awesome CyberChef Tool.

Chepy is a python library with a handy cli that is aimed to mirror some of the capabilities of CyberChef. A reasonable amount of effort was put behind Chepy to make it compatible to the various functionalities that CyberChef offers, all in a pure Pythonic manner. There are some key advantages and...

python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure

urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext...

DEBIAN-CVE-2020-7212

The encodeinvalidchars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service CPU consumption because of an inefficient algorithm. The percentencodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

PT-2020-5140 · Python +1 · Urllib3 +1

Name of the Vulnerable Software and Affected Versions: urllib3 library versions 1.25.2 through 1.25.7 Description: The issue is related to an inefficient algorithm in the encode invalid chars function, which can lead to a denial of service due to CPU consumption. This happens because the percent...

Blinder - A Python Library To Automate Time-Based Blind SQL Injection

Blidner is a small python library to automate time-based blind SQL injection by using a pre defined queries as a functions to automate a rapid PoC development. Installation You can install Blinder using the following command: pip install blinder Or by downloading the source and importing it...

[SECURITY] [DLA 2057-1] pillow security update

Package : pillow Version : 2.6.1-2+deb8u4 CVE IDs : CVE-2019-19911 CVE-2020-5312 CVE-2020-5313 Debian Bug : 948224 It was discovered that there were three vulnerabilities in Pillow, an imaging library for the Python programming language: CVE-2019-19911: Prevent a denial-of-service vulnerability...