779 matches found

OSV
added 2021/01/14 4:15 p.m. | 1 view

CVE-2020-29017

An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page...

CVSS 8.8 | AI score 7.6 | EPSS 0.05549
Exploits: 0 | References: 1
Prion
added 2021/01/14 4:15 p.m. | 13 views

Command injection

An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page...

CVSS 9 | AI score 8.8 | EPSS 0.05549
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/01/14 4:3 p.m. | 15 views

CVE-2020-29017

An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page...

AI score 8.8 | EPSS 0.05549
Exploits: 0 | References: 1
Oracle Linux
added 2021/01/12 12:0 a.m. | 106 views

Unbreakable Enterprise kernel security update

5.4.17-2036.102.0.2uek - xen-blkback: set ring->xenblkd to NULL after kthread_stop Pawel Wieczorkiewicz Orabug: 32260252 CVE-2020-29569 - xenbus/xenbus_backend: Disallow pending watch messages SeongJae Park Orabug: 32253409 CVE-2020-29568 - xen/xenbus: Count pending messages for each watch SeongJae...

CVSS 8.8 | AI score 8.4 | EPSS 0.0101
Exploits: 1
VulnCheck KEV
added 2020/12/23 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2019-8394

Zoho ManageEngine ServiceDesk Plus SDP contains an unspecified vulnerability that allows remote users to upload files via login page customization...

CVSS 7.5 | AI score 6.8 | EPSS 0.87518
Exploits: 5 | References: 1
Rapid7 Blog
added 2020/12/17 3:46 p.m. | 31 views

How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM

Since the launch of InsightVM’s Custom Policy Builder in June of this year, hundreds of organizations have created and customized secure configuration policies. While the standard CIS and DISA benchmarks are, by default, great for an organization to kickstart their policy and compliance program,...

AI score 7.1
Exploits: 0
Oracle Linux
added 2020/11/10 12:0 a.m. | 130 views

httpd:2.4 security, bug fix, and enhancement update

httpd 2.4.37-13.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-30 - Resolves: 1209162 - support logging to journald from CustomLog 2.4.37-29 - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: mod_proxy_ftp use o...

CVSS 9.1 | AI score 0.1 | EPSS 0.82379
Exploits: 6
Citrix
added 2020/11/09 12:0 a.m. | 5 views

The SmartHub Tool

SmartHub v1 Created Date: 12/17/2015 Updated Date: 4/4/2016 Current Version is v1.1 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the...

AI score 6.8
Exploits: 0
Kitploit
added 2020/10/30 11:30 a.m. | 64 views

eDEX-UI - A Cross-Platform, Customizable Science Fiction Terminal Emulator With Advanced Monitoring & Touchscreen Support

eDEX-UI is a fullscreen, cross-platform terminal emulator and system monitor that looks and feels like a sci-fi computer interface. Heavily inspired from the TRON Legacy movie effects especially the Board Room sequence, the eDEX-UI project was originally meant to be "DEX-UI with less « art » and...

AI score 7.7
Exploits: 0 | References: 16
Kitploit
added 2020/10/21 11:30 a.m. | 1373 views

Pwndoc - Pentest Report Generator

PwnDoc is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like vulnerabilities between users. Documentation Installation Data Vulnerabilitie...

AI score 7.5
Exploits: 0 | References: 6
OSV
added 2020/10/19 8:40 p.m. | 19 views

GHSA-6GW4-X63H-5499 Ability to switch customer email address on account detail page and stay verified

Impact The user may register in a shop by email [email protected], verify it, change it to the mail [email protected] and stay verified and enabled. This may lead to having accounts addressed to totally different emails, that were verified. Note, that this way one is not able to take over any...

CVSS 4.3 | AI score 4.4 | EPSS 0.00174
Exploits: 0 | References: 5
Kitploit
added 2020/09/05 4:11 a.m. | 48 views

Faraday v3.12 - Collaborative Penetration Test and Vulnerability Management Platform

There are better ways than managing vulnerabilities with spreadsheets, especially when you are working with several tools. We know it’s easy to lose trail of your efforts. In faraday you can keep track of your scanners and your team in one place, This update is focused on improving your everyday...

AI score 7.3
Exploits: 0 | References: 4
Kitploit
added 2020/08/27 12:30 p.m. | 60 views

Bashtop - Linux/OSX/FreeBSD Resource Monitor

Bpytop, bashtop python port is now available at https://github.com/aristocratos/bpytop It's a lot faster and about a third as cpu heavy and has more features, including: Mouse support Toggleable mini mode More customization Graphs for memory consumption It's also a lot easier for me to bug fix an...

AI score 7.1
Exploits: 0 | References: 13
NVD
added 2020/08/26 3:15 p.m. | 14 views

CVE-2020-5919

In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization, may cause the Traffic Management Microkernel TMM to stop responding...

CVSS 7.5 | AI score 7.5 | EPSS 0.00647
Exploits: 0 | References: 1
OSV
added 2020/08/26 3:15 p.m. | 2 views

CVE-2020-5919

In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization, may cause the Traffic Management Microkernel TMM to stop responding...

CVSS 7.5 | AI score 7.1 | EPSS 0.00647
Exploits: 0 | References: 1
Cvelist
added 2020/08/26 2:22 p.m. | 12 views

CVE-2020-5919

In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization, may cause the Traffic Management Microkernel TMM to stop responding...

AI score 7.5 | EPSS 0.00647
Exploits: 0 | References: 1
Kitploit
added 2020/07/01 9:30 p.m. | 113 views

IIS-Raid - A Native Backdoor Module For Microsoft IIS (Internet Information Services)

IIS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the web server and carry out custom actions defined by an attacker. Documentation When installed, IIS-Raid will process every request and method, check if the X-Password header exists and compare it against the...

AI score 8.1
Exploits: 0 | References: 1
GithubExploit
added 2020/06/19 8:38 p.m. | 118 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

SMBGhost-LPE-Metasploit-Module This is an implementation of th...

CVSS 10 | AI score 9.1 | EPSS 0.94424
Exploits: 124
Fedora
added 2020/03/19 12:50 a.m. | 20 views

[SECURITY] Fedora 32 Update: nethack-3.6.6-1.fc32

NetHack is a single player dungeon exploration game that runs on a wide variety of computer systems, with a variety of graphical and text interfaces all using the same game engine. Unlike many other Dungeons & Dragons-inspired games, the emphasis in NetHack is on discovering the detail of the...

AI score 1.8
Exploits: 0
Kitploit
added 2020/03/03 12:30 p.m. | 101 views

WiFi Passview v2.0 - An Open Source Batch Script Based WiFi Passview For Windows!

WiFi Passview is an open source batch script based program that can recover your WiFi Password easily in seconds. This is for Windows OS only. Basically, this scripted program has the same function as other passview softwares such as webpassview and mailpassview. Disclaimer : WiFi Passview is NOT...

AI score 7.2
Exploits: 0 | References: 1