Secretx - Extracting API Keys And Secrets By Requesting Each URL At The Your List

Extracting api keys and secrets by requesting each url at the your list. Installation python3 -m pip install -r requirements.txt Usage python3 secretx.py --list urlList.txt --threads 15 optional arguments: --help --colorless Credits Thanks to @m4ll0k for patterns and @choudhary1337 inpsiring for...

CVE-2019-10517

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096,...

Design/Logic Flaw

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096,...

EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2019-2369)

According to the versions of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different retu...

aSYNcrone - A SYN Flood DDoS Tool

aSYNcrone is a C language based, mulltifunction SYN Flood DDoS Weapon. Disable the destination system by sending a SYN packet intensively to the destination. aSYNcrone's POWER!!! USAGE git clone https://github.com/fatih4842/aSYNcrone.git cd aSYNcrone gcc aSYNcrone.c -o aSYNcrone -lpthread...

CVE-2019-19396

illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ipattr.c mishandles connixa dereferences...

Deserialization of untrusted data

illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ipattr.c mishandles connixa dereferences...

tomcat: Apache Tomcat HTTP/2 DoS

A flaw was found in Apache Tomcat, where the HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open, which enables them to cause server-side threads to block. This flaw eventually leads to a denial of service attack...

[SECURITY] Fedora 30 Update: nspr-4.23.0-1.fc30

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

[SECURITY] Fedora 31 Update: nspr-4.23.0-1.fc31

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

box.js - A Tool For Studying JavaScript Malware

A utility to analyze malicious JavaScript. Installation Simply install box-js from npm: npm install box-js --global Usage Looking to use box-js with Cuckoo? Use cuckoo-package.py as an analysis package. Let's say you have a sample called sample.js: to analyze it, simply run box-js sample.js Chanc...

SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:2227-2)

This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd...

[SECURITY] Fedora 30 Update: python-slixmpp-1.4.2-1.fc30

Slixmpp is an MIT licensed XMPP library for Python 3.5+. It is a fork of SleekXMPP. Goals is to only rewrite the core of the library the low level socket handling, the timers, the events dispatching in order to remove all threads...

RUSTSEC-2019-0018 Internally mutating methods take immutable ref self

Affected versions of this crate exposed several methods which took self by immutable reference, despite the requesting the RenderDoc API to set a mutable value internally. This is technically unsound and calling these methods from multiple threads without synchronization could lead to unexpected...

SUSE-SU-2019:2227-1 Security update for libvirt

This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd...

CVE-2019-15134

RIOT through 2019.07 contains a memory leak in the TCP implementation gnrctcp, allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to receive in sys/net/gnrc/transportlayer/tcp/gnrctcpeventloop.c...

CVE-2019-15134

CVE-2019-15134 affects RIOT OS (GNRC TCP) up through 2019.07. The issue is a memory leak in the TCP implementation (gnrc_tcp) triggered in _receive within sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c when an ACK is received before a SYN. This can cause unbounded memory consumption for ne...

SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:2105-1)

This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd...

openSUSE Security Update : tomcat (openSUSE-2019-1808)

This update for tomcat to version 9.0.21 fixes the following issues : Security issues fixed : - CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames bsc1131055. - CVE-2019-0221: Fixed a cross site scripting vulnerabilit...

CVE-2019-2290

Multiple open and close from multiple threads will lead camera driver to access destroyed session data pointer in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W,...