CVE-2021-39143 Path Traversal in spinnaker

Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without validating the paths in that deployment don't override system...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

SnapAttack Log4j / CVE-2021-44228 / log4shell Resources Wh...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

🔍 Log4JShell Bytecode Detector Log4jShell Bytecode Detector i...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4J-CVE-Detect This repository contains a set of YARA rule...

Dell Emc Streaming Data Platform Code Issue Vulnerability (CNVD-2022-21491)

Dell Emc Streaming Data Platform, a Dell platform for real-time ingestion, storage and analysis of continuous streaming data, is vulnerable to a code issue that could be exploited by a remote, unauthenticated attacker to reuse old session artifacts to emulate a legitimate user...

CVE-2021-36330

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user...

Dell Emc Streaming Data Platform代码问题漏洞

Dell Emc Streaming Data Platform, a Dell platform for real-time ingestion, storage and analysis of continuous streaming data, is vulnerable to a code issue that could be exploited by a remote, unauthenticated attacker to reuse old session artifacts to emulate a legitimate user...

Stacs - Static Token And Credential Scanner

Static Token And Credential Scanner What is it? STACS is a YARA powered static credential scanner which suports binary file formats, analysis of nested archives, composable rulesets and ignore lists, and SARIF reporting. What does STACS support? Currently, STACS supports recursive unpacking of...

java-11-openjdk security and bug fix update

1:11.0.13.0.8-1.0.1 - link atomic for ix86 build 1:11.0.13.0.8-1 - Revert addition of libharfbuzz.so after its removal by JDK-8255790 - Resolves: rhbz2012332 1:11.0.13.0.8-1 - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is...

CVE-2021-38178

The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious...

SAP NetWeaver AS 安全漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756 have a security vulnerabilit...

Velociraptor to Announce Winners of Its 2021 Contributor Competition

Velociraptor and Rapid7 are excited to announce the winners of our 2021 Velociraptor Contributor Competition on Friday, October 8. This competition encourages development of useful content and extensions to the Velociraptor platform. Submissions include new functionality in the form of VQL...

PT-2021-14726 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.314 and earlier Jenkins LTS versions 2.303.1 and earlier Description: The file browser in Jenkins may interpret some paths to files as absolute on Windows, resulting in a path traversal issue. This allows attackers with...

Internet Explorer Credential Gatherer

This module searches for Internet Explorer credentials on a Windows host. Module Options msf use post/windows/gather/credentials/ie msf postie show actions ...actions... msf postie set ACTION msf postie show options ...show and set options... msf postie run This module requires Metasploit:...

K-Meleon Credential Gatherer

This module searches for K-Meleon credentials on a Windows host. Module Options msf use post/windows/gather/credentials/kmeleon msf postkmeleon show actions ...actions... msf postkmeleon set ACTION msf postkmeleon show options ...show and set options... msf postkmeleon run This module requires...

Postbox Credential Gatherer

This module searches for Postbox credentials on a Windows host. Module Options msf use post/windows/gather/credentials/postbox msf postpostbox show actions ...actions... msf postpostbox set ACTION msf postpostbox show options ...show and set options... msf postpostbox run This module requires...

Operamail Credential Gatherer

This module searches for Operamail credentials on a Windows host. Module Options msf use post/windows/gather/credentials/operamail msf postoperamail show actions ...actions... msf postoperamail set ACTION msf postoperamail show options ...show and set options... msf postoperamail run This module...

Thunderbird Credential Gatherer

This module searches for Thunderbird credentials on a Windows host. Module Options msf use post/windows/gather/credentials/thunderbird msf postthunderbird show actions ...actions... msf postthunderbird set ACTION msf postthunderbird show options ...show and set options... msf postthunderbird run...

Aim Credential Gatherer

This module searches for Aim credentials on a Windows host. Module Options msf use post/windows/gather/credentials/aim msf postaim show actions ...actions... msf postaim set ACTION msf postaim show options ...show and set options... msf postaim run This module requires Metasploit:...

Digsby Credential Gatherer

This module searches for Digsby credentials on a Windows host. Module Options msf use post/windows/gather/credentials/digsby msf postdigsby show actions ...actions... msf postdigsby set ACTION msf postdigsby show options ...show and set options... msf postdigsby run This module requires Metasploi...