39 matches found
EUVD-2018-10231
Malware in sbrugna...
psfree-lapse
🌟 psfree-lapse - Easy PS4 Exploits in One Place 📥 Download...
OPENSUSE-SU-2024:0220-1 Security update for caddy
This update for caddy fixes the following issues: - Update to version 2.8.4: cmd: fix regression in auto-detect of Caddyfile 6362 Tag v2.8.3 was mistakenly made on the v2.8.2 commit and is skipped - Update to version 2.8.2: cmd: fix auto-detection of .caddyfile extension 6356 caddyhttp: properly...
Cross-site Scripting (XSS)
getkirby/cms is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the file function at Response.php due to the MIME auto-detection of uploaded files which allows an attacker to upload a file with an arbitrary MIME type and inject arbitrary scripts...
GHSA-8FV7-WQ38-F5C9 Cross-site scripting (XSS) from MIME type auto-detection of uploaded files
TL;DR This vulnerability affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to upload an arbitrary file to the content folder. Your Kirby sites are not affected if they don't allow file uploads for untrusted users ...
SUSE CVE-2018-18506
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is...
Formphish - Auto Phishing Form-Based Websites
Auto Phishing form-based websites. This tool can automatically detect inputs on html form-based websites to create a phishing page. Features: Auto detect device Port Forwarding by Ngrok IP Tracker Legal disclaimer: Usage of Formphish for attacking targets without prior mutual consent is illegal...
CVE-2018-18506
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is...
NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0062)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory...
NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0153)
The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafte...
SQLMap v1.3.7 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is...
Mozilla Thunderbird < 60.6
The version of Thunderbird installed on the remote Windows host is prior to 60.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-11 advisory. - A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-3927-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3927-1 advisory. It was discovered that Thunderbird allowed PAC files to specify that requests to localhost are sent through the proxy to another...
Mozilla Thunderbird < 60.6
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 60.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-11 advisory. - A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with th...
Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is...
Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is...
Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is...
Security vulnerabilities fixed in Firefox ESR 60.6 — Mozilla
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. The type inference system allows the compilation of functions that can cause typ...
Mozilla Firefox ESR < 60.6
The version of Firefox ESR installed on the remote Windows host is prior to 60.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-08 advisory. - A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh...