[ASA-202110-10] wpewebkit: multiple issues
Arch Linux Security Advisory ASA-202110-10 ========================================== Severity: Medium Date : 2021-10-29 CVE-ID : CVE-2021-30846 CVE-2021-30851 CVE-2021-42762 Package : wpewebkit Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2484 Summary ======= The...
Archlinux libtpms buffer error vulnerability
Archlinux libtpms is an Archlinux open source application. A library that provides software emulation of Trusted Platform Modules TPM 1.2 and TPM 2.0. A buffer error vulnerability exists in libtpms, which stems from an out-of-bounds access issue in libtpms, where an attacker can build special TPM...
Archlinux libtpms buffer error vulnerability
Archlinux libtpms is an Archlinux open source application. A library that provides software emulation of Trusted Platform Modules TPM 1.2 and TPM 2.0. A buffer error vulnerability exists in Archlinux libtpms that stems from a boundary condition. A local user can trigger an out-of-range read error...
Archlinux libtpms security feature issue vulnerability
Archlinux libtpms is an Archlinux open source application. A library that provides software emulation of Trusted Platform Modules TPM 1.2 and TPM 2.0. A security feature issue vulnerability exists in versions prior to libtpms 0.8.0, which stems from a bug in the TCG specification where the key...
Kenzer - Automated Web Assets Enumeration And Scanning
Automated Web Assets Enumeration & Scanning Instructions for running 1. Create an account on Zulip 2. Navigate to Settings > Your Bots > Add a new bot 3. Create a new generic bot named kenzer 4. Add all the configurations in configs/kenzer.conf 5. Install/Run using - ./install.sh -b if you need...
archlinux.2023198.n4.nabble.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1184709 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
[ASA-202003-4] golang-golang-x-crypto: denial of service
Arch Linux Security Advisory ASA-202003-4 ========================================= Severity: Medium Date : 2020-03-08 CVE-ID : CVE-2020-9283 Package : golang-golang-x-crypto Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1109 Summary ======= The package...
Multiple Linux Distributions CVE-2019-14899 Security Bypass Vulnerability
Description Multiple Linux Distributions are prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Apple iOS Apple macOS Archlinux Linux 2019.05...
Lockdoor Framework - A Penetration Testing Framework With Cyber Security Resources
Lockdoor Framework : A Penetration Testing Framework With Cyber Security Resources. 09/2019 : 1.0Beta Information Gathering Tools 21 Web Hacking Tools 15 Reverse Engineering Tools 15 Exploitation Tools 6 Pentesting & Security Assessment Findings Report Templates 6 Password Attack Tools 4 Shell Tool...
BSI Advance Hotel Booking System 2.0 - (booking_details.php) Persistent Cross-Site Scripting Vulnera
Exploit for php platform in category web applications Exploit Title:BSI Advance Hotel Booking System Persistent XSS Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc Exploit Author: Angelo Ruwantha Vendor Homepage: http://www.bestsoftinc.com Software Link:...
Sn0Int - Semi-automatic OSINT Framework And Package Manager
sn0int is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. sn0int is enumerating attack surface by semi-automatically processing public information and mapping the result...
Httplab - Inspect HTTP Requests And Forge Responses
The interactive web server. HTTPLabs let you inspect HTTP requests and forge responses. Install Golang go get github.com/gchaincl/httplab go install github.com/gchaincl/httplab/cmd/httplab Archlinux yaourt httplab Snap FIXME On systems where snap is supported: snap install httplab Binary...
[ASA-201805-22] wireshark-gtk: multiple issues
Arch Linux Security Advisory ASA-201805-22 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-gtk Type :...
Penetration Testers Framework: PTF
The PenTesters Framework PTF is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we’ve been accustomed to the /pentest/ directories or our own toolsets that we want to keep up-to-date all o...
[ASA-201711-22] lib32-flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201711-22 ========================================== Severity: Critical Date : 2017-11-15 CVE-ID : CVE-2017-11213 CVE-2017-11215 CVE-2017-11225 CVE-2017-3112 CVE-2017-3114 Package : lib32-flashplugin Type : arbitrary code execution Remote : Yes Link :...
BGP Swiss Army Knife: ExaBGP
ExaBGP provides a convenient way to implement Software Defined Networking by transforming BGP messages into friendly plain text or JSON, which can then be easily handled by simple scripts or your BSS/OSS. It is routinely used to improve service resilience and provide protection against network or...
BlackArch Linux v2016.04.28 - Penetration Testing Distribution
BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1410 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog: added new improved BlackArch Linux...
Vane - WordPress Vulnerability Scanner (A GPL fork of WPScan)
Vane is a GPL fork of the now non-free popular WordPress vulnerability scanner WPScan. INSTALL Prerequisites Windows not supported Ruby = 1.9 RubyGems Git Installing on Debian/Ubuntu sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev git clone...
Tincd Post-Authentication Remote TCP Stack Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'securerandom' class Metasploit3 'Tincd Post-Authentication Remote TCP Stack Buffer Overflow', 'Description' = %q This module exploits a stack...
mcrypt <= 2.5.8 Stack Based Overflow
No description provided by source. !/usr/bin/perl Title : mcrypt <= 2.5.8 STACK based overflow Date : 23/11/2012 Exploit Author : Tosh CVE : CVE-2012-4409 Patch : http://www.openwall.com/lists/oss-security/2012/09/06/8 Tested on : Archlinux 3.6.6-1, without SSP This script exploits a stack based...