
5078 matches found

OpenVAS
added 2017/09/28 12:0 a.m., 16 views

Microsoft Windows DNS Cache Output (Windows SMB Login)

This plugin creates a comma-separated CSV output of the target SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.2 AI score
Exploits: 0

Hacker One
added 2017/09/27 3:28 a.m., 30 views

Bitwarden: Export vault feature is vulnerable to CSV injection

Hello guys, I don't know if you care about this issue, but it seems that the export feature in your https://vault.bitwarden.com//tools is vulnerable to CSV injection. If a CSV contains a malicious command it may have big impact. Even though there is a popup notification for users before opening the...

0.8 AI score
Exploits: 0

Kitploit
added 2017/09/13 9:0 p.m., 22 views

raven - Linkedin Information Gathering Tool

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization's employees using Linkedin. Please do not use this program to do stupid things. The author does not keep any responsibility of what damage has been done by this program...

7.3 AI score
Exploits: 0, References: 1

canvas
added 2017/09/13 1:29 a.m., 994 views

Immunity Canvas: OFFICE_WSDL

Name | officewsdl
---|---
CVE | CVE-2017-8759, CVE-2017-8570
Exploit Pack | CANVAS
Description | Microsoft Office Moniker/WSDL C Injection
Notes | CVE Name: CVE-2017-8759, CVE-2017-8570 VENDOR: https://office.com Notes: Send the resulting document to someone and have them open it. If the target is...

9.3 CVSS, 8.6 AI score, 0.99933 EPSS
Exploits: 49

Tenable Nessus
added 2017/09/06 12:0 a.m., 29 views

openSUSE Security Update : cacti / cacti-spine (openSUSE-2017-999)

This update for cacti and cacti-spine fixes security issues and bugs. The following vulnerabilities were fixed:
- CVE-2017-12927: Cross-site scripting vulnerability in method parameter (bsc#1054390)
- CVE-2017-12978: Cross-site scripting vulnerability via the title field (bsc#1054742)

It also contains a...

6.1 CVSS, 6.3 AI score, 0.01374 EPSS
Exploits: 0, References: 4

n0where
added 2017/08/30 4:1 a.m., 29 views

Linkedin Information Gathering Tool: raven

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization's employees using Linkedin. Usage of this application is pretty simple. It requires at least three parameters. The first one is the company name, the second one is the count...

1.1 AI score
Exploits: 0, References: 1

Kitploit
added 2017/08/29 9:30 p.m., 15 views

Comission - WhiteBox CMS Analysis

CoMisSion is a tool to quickly analyze a CMS setup. The tool: checks for the core version; looks for the last core version; looks for vulnerabilities in core version used; checks for plugins version; looks for vulnerabilities in plugins version used; A complete report can be generated in XLSX or...

7.4 AI score
Exploits: 0, References: 1

Fedora
added 2017/08/22 12:50 p.m., 62 views

[SECURITY] Fedora 25 Update: python-tablib-0.11.5-1.fc25

Tablib is a format-agnostic tabular dataset library, written in Python. Output formats supported: - Excel Sets + Books - JSON Sets + Books - YAML Sets + Books - HTML Sets - TSV Sets - CSV Sets...

9.8 CVSS, 0.0487 EPSS
Exploits: 2

Fedora
added 2017/08/22 4:34 a.m., 58 views

[SECURITY] Fedora 26 Update: python-tablib-0.11.5-1.fc26

Tablib is a format-agnostic tabular dataset library, written in Python. Output formats supported: - Excel Sets + Books - JSON Sets + Books - YAML Sets + Books - HTML Sets - TSV Sets - CSV Sets...

9.8 CVSS, 0.0487 EPSS
Exploits: 2

Oracle linux
added 2017/08/07 12:0 a.m., 49 views

libreoffice security and bug fix update

1:5.0.6.2-14.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.0.6.2-14 - Resolves: rhbz1454693 segv on interrupting tiled rendering 1:5.0.6.2-13 - Related: rhbz1444437 remove timer if...

9.8 CVSS, 1 AI score, 0.03864 EPSS
Exploits: 0

CNVD
added 2017/08/02 12:0 a.m., 2 views

OpenEMR Security Bypass Vulnerability

OpenEMR is an open source medical management system maintained by the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A security bypass vulnerability exists in the 'csvloghtml' function in th...

7.5 CVSS, 7.5 AI score, 0.01202 EPSS
Exploits: 0, References: 1

Gitee
added 2017/07/31 3:46 p.m., 36 views

Exploit for Out-of-bounds Read in Openssl

This repository contains a collection of tools and exploits for various vulnerabilities, including: A payload for the Apache Struts 2 vulnerability CVE-2017-5638 that allows remote code execution. A tool for exploiting the Heartbleed vulnerability CVE-2014-0160 in OpenSSL. A tool for exploiting t...

10 CVSS, 8.1 AI score, 0.99999 EPSS
Exploits: 255

Kitploit
added 2017/07/21 2:30 p.m., 171 views

Prowler - Tool for AWS Security Assessment, Auditing And Hardening

Tool based on AWS-CLI commands for AWS account security assessment and hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1 Features It covers hardening and security best practices for all AWS regions related to: Identity and Access Management 24 checks Logging...

7.5 AI score
Exploits: 0, References: 1

NVD
added 2017/07/17 1:18 p.m., 12 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.8 CVSS, 9.6 AI score, 0.02625 EPSS
Exploits: 0, References: 1

OSV
added 2017/07/17 1:18 p.m., 3 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.8 CVSS, 5.8 AI score, 0.02625 EPSS
Exploits: 0, References: 1

Prion
added 2017/07/17 1:18 p.m., 14 views

Design/Logic Flaw

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

7.5 CVSS, 9.5 AI score, 0.02625 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2017/07/13 8:0 p.m., 17 views

CVE-2017-1000039

Framadate version 1.0 is vulnerable to Formula Injection in the CSV Export resulting possible Information Disclosure and Code Execution...

9.6 AI score, 0.02625 EPSS
Exploits: 0, References: 1

UbuntuCve
added 2017/07/02 3:29 a.m., 27 views

CVE-2017-10791

There is an Integer overflow in the hashint function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5 CVSS, 6.9 AI score, 0.01626 EPSS
Exploits: 1, References: 2

OSV
added 2017/07/02 3:29 a.m., 0 views

UBUNTU-CVE-2017-10792

There is a NULL Pointer Dereference in the function llinsert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5 CVSS, 6.8 AI score, 0.01588 EPSS
Exploits: 1, References: 3

OSV
added 2017/07/02 3:29 a.m., 1 views

DEBIAN-CVE-2017-10791

There is an Integer overflow in the hashint function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...

6.5 CVSS, 7.3 AI score, 0.01626 EPSS
Exploits: 1, References: 1