burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000807 via pyopenssl (>=16.0.0 <=17.4.0)

pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000807 Source advisory: OSV:PYSEC-2018-23...

HeapHopper - A Bounded Model Checking Framework For Heap-implementations

HeapHopper is a bounded model checking framework for Heap-implementations. Setup sudo apt update && sudo apt install build-essential python-dev virtualenvwrapper git clone https://github.com/angr/heaphopper.git && cd ./heaphopper mkvirtualenv -ppython2 heaphopper pip install -e . Required Package...

Virus Bulletin 2018: Microsoft’s Lambert on How Cloud is Changing Security

MONTREAL – As businesses increasingly turn to the cloud and to software-as-a-service applications, they are finding themselves with new attack surfaces and new types of threats – specifically, hard-to-thwart supply-chain attacks that have the potential for large amounts of collateral damage. In a...

argschema (>=1.16.1 <=1.16.5), aries-cloudagent (>=0.3.3 <=0.5.1) +25 more potentially affected by CVE-2018-17175 via marshmallow (>=3.0.0 <=3.0.0b8)

marshmallow PYPI version =3.0.0, =1.16.1, =0.3.3, =0.0.22, =0.1.1, =0.1.0, =0.0.18, =0.19.0, =0.1.0, =0.3.0, =1.0.0, =0.0.4, =0.1.0, =0.0.1, =0.0.4 and more Source cves: CVE-2018-17175 Source advisory: OSV:PYSEC-2018-67...

abbr (=0.0.0), aequitas (>=0.26.0 <=0.42.0) +112 more potentially affected by CVE-2018-1000656 via flask (>=0.10.1 <=0.12.2)

flask PYPI version =0.10.1, =0.26.0, =1.4.15, =0.11.1, =0.4.0, =0.1.0, =0.1.1, =0.1.17, =0.1.0, =0.4.1, =0.1.0, =0.0.1, =1.0.8, =1.1.0 and more Source cves: CVE-2018-1000656 Source advisory: OSV:GHSA-562C-5R94-XH97...

aepp-sdk (>=0.18.0.3 <=0.18.0.4), aletheia (=0.0.1) +63 more potentially affected by CVE-2018-10903 via cryptography (>=1.9.0 <=2.2.2)

cryptography PYPI version =1.9.0, =0.18.0.3, =3.1.0, =0.2.0, =0.2.2, =0.7.1, =1.2.1.20160901, =0.8.0, =0.0.1, =0.5.4, =0.9.191, =0.7.0, =0.3.1, =0.4.0 and more Source cves: CVE-2018-10903 Source advisory: OSV:PYSEC-2018-52...

ahserver (>=1.0.1 <=1.2.0), aiohttp-admin (>=0.1.0a0 <=0.1.0a3) +62 more potentially affected by CVE-2018-1000519 via aiohttp-session (>=0.8.0 <=2.1.0)

aiohttp-session PYPI version =0.8.0, =1.0.1, =0.1.0a0, =1.0.0, =0.0.1, =1.4.0, =0.3.0, =0.4.3, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =22.3.0, =0.0.1, =0.0.2 and more Source cves: CVE-2018-1000519 Source advisory: OSV:PYSEC-2018-80...

Prowler - Distributed Network Vulnerability Scanner

Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon - HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...

MGASA-2018-0256 Updated python packages fix security vulnerabilities

Updated python packages fix security vulnerabilities: A flaw was found in the way catastrophic backtracking was implemented in Python's pop3lib's apop method. An attacker could use this flaw to cause denial of service CVE-2018-1060. A flaw was found in the way catastrophic backtracking was...

Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2018-124-01)

New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-124-01. The text itself is copyright C Slackware Linu...

aacrgenie (>=9.0.0 <=12.5.0), aalam-common (=0.1.78) +549 more potentially affected by CVE-2018-6594 via pycrypto (>=2.4.1 <=2.6.1)

pycrypto PYPI version =2.4.1, =9.0.0, =0.0.8, =1.1.3, =1.0.1, =3.4.0, =0.4.0b0, =3.0.0b1, =0.0.2, =0.0.1, =1.0.0, =0.0.4, =0.3.1 and more Source cves: CVE-2018-6594 Source advisory: OSV:PYSEC-2018-97...

MGASA-2018-0004 Updated python/python3 packages fix security vulnerability

It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code CVE-2017-1000158...

[SECURITY] [DLA 1189-1] python2.7 security update

Package : python2.7 Version : 2.7.3-6+deb7u4 CVE ID : CVE-2017-1000158 A minor security vulnerability has been discovered in Python 2.7, an interactive high-level object-oriented language. CVE-2017-1000158 CPython the reference implementation of Python also commonly known as simply Python version...

New and Improved Version of airpwn: airpwn-ng

Features Inject to all visible clients a.k.a Broadcast Mode Inject on both open networks and WEP/WPA protected networks Targeted injection with -t MAC:ADDRESS MAC:ADDRESS Gather all visible cookies Broadcast Mode Gather cookies for specific websites –websites websiteslist.txt In this scenario,...

a2grunnerp (>=0.1.0 <=0.1.8), abeja-sdk (>=1.0.2 <=1.0.2rc1) +1374 more potentially affected by CVE-2015-5237 via protobuf (>=2.6.0 <=3.1.0)

protobuf PYPI version =2.6.0, =0.1.0, =1.0.2, =0.1.3, =0.1.5, =0.1.2, =1.3.0, =1.1.2, =1.1.0, =0.7.1, =1.2.3 and more Source cves: CVE-2015-5237 Source advisory: OSV:PYSEC-2017-150...

Zeus Scanner - Advanced Dork Searching Utility

Zeus is a advanced dork searching tool that is capable of bypassing search engine API calls, search engine captchas, and IP address blocking from sending many requests to the search engine itself. Zeus can use three different search engines to do the search default is Google. Zeus has a powerful...

ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check)

The version of the remote VMware ESXi 6.0 host is prior to build 5224529. It is, therefore, affected by multiple vulnerabilities in VMWare Tools and the bundled OpenSSL and Python packages, as well as a NULL pointer dereference vulnerability related to handling RPC requests that could allow an...

EulerOS 2.0 SP1 : python (EulerOS-SA-2017-1185)

According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The Python standard library HTTP client modules such as httplib or urllib did not perform verification of TLS/SSL certificates when connecting to...

2adif (=0.1.0), addgene-mcp (>=0.1.0 <=0.1.3) +576 more potentially affected by CVE-2017-14158 via scrapy (>=1.3.3 <=2.9.0)

scrapy PYPI version =1.3.3, =0.1.0, =0.10.0, =0.0.1, =0.4.0, =0.1.4, =1.0.0, =0.0.1, =1.0.0, =0.0.24, =2.9.3, =0.1.1, =0.3.7 and more Source cves: CVE-2017-14158 Source advisory: OSV:PYSEC-2017-83...

tcconfig - A Simple Tc Command Wrapper Tool

A Simple tc command wrapper tool. Easy to set up traffic control of network bandwidth/latency/packet-loss to a network interface. Traffic control features Trafic shaping target Apply traffic shaping rules to specific target: Outgoing/Incoming packets Certain IP address/network or port Available...