openSUSE Security Update : 389-ds (openSUSE-2021-868)

This update for 389-ds fixes the following issues : - CVE-2021-3514: Fixed a syncrepl NULL pointer dereference in synccreatestatecontrol bsc1185356 389-ds was updated to version 1.4.3.23git0.f53d0132b : Bump version to 1.4.3.23 : - Issue 4725 - RFE DS - Update the password policy to support a...

EmailFinder - Search Emails From A Domain Through Search Engines

\ \ /| \ | /| /| \ || \ | | | | | \ | || | || | | | | \ \ || | | || | | | | \ || | || \ | /| | \ || / | \ \ /|/ |/ / |/ / | Author: @JosueEncinar | Description: Search emails from a domain through search engines. | Version: 0.1b | Usage: emailfinder -d domain.com Installation: pip3 install...

`grep-cli` may run arbitrary executables on Windows

On Windows in versions of grep-cli prior to 0.1.6, it's possible for some of the routines to execute arbitrary executables. In particular, a quirk of the Windows process execution API is that it will automatically consider the current directory before other directories when resolving relative...

Interactsh - An OOB Interaction Gathering Server And Client Library

Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example - Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction support CLI Client / Web Dashboard support AES encryption with zero logging...

@random-guys/coralpay-pgp (>=0.0.1 <=0.1.0), @woocommerce/components (>=1.0.0 <=1.0.1) +4 more potentially affected by CVE-2021-23392 via locutus (>=2.0.10 <=2.0.14)

locutus NPM version =2.0.10, =0.0.1, =1.0.0, =1.1.0, =1.0.2, =1.0.52, =0.1.0, =0.2.1 Source cves: CVE-2021-23392 Source advisory: OSV:GHSA-39Q4-P535-C852...

CVE-2021-21661

Jenkins Kubernetes CLI Plugin 1.10.0 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2021-21661

CVE-2021-21661 affects Jenkins Kubernetes CLI Plugin 1.10.0 and earlier. Several HTTP endpoints lack permission checks, enabling attackers with Overall/Read to enumerate credentials IDs stored in Jenkins. The Connected documents provide this vulnerability description and references but do not inc...

PT-2021-14704 · Jenkins · Jenkins Kubernetes Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Kubernetes CLI Plugin versions 1.10.0 and earlier Description: The issue allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins due to a lack of permission checks in several HTTP...

Jenkins 安全漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in the Jenkins Kubernetes CLI Plugin that stems from Jenkins Kubernetes CLI Plugin 1.10.0...

WordPress WP-CLI Trust Management Issue Vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language.WP-CLI is the command line interface for WordPress. WordPress WP-CLI has a trust management issue vulnerability that can be exploited by remote attackers to be able to intercept communications...

BlueZ 缓冲区错误漏洞

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. BlueZ suffers from a buffer overflow vulnerability that stems from the clifeatreadcb function in src/gatt-database.c failing to perform a bounds check on the...

SUSE: Security Advisory (SUSE-SU-2019:1220-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3737-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0457-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:1220-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-202106-30] wireshark-cli: denial of service

Arch Linux Security Advisory ASA-202106-30 ========================================== Severity: Low Date : 2021-06-09 CVE-ID : CVE-2021-22222 Package : wireshark-cli Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2037 Summary ======= The package wireshark-cli befo...

SUSE: Security Advisory (SUSE-SU-2020:0251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-29504

WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...

CVE-2021-29504

WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...

Hardcoded credentials

WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...