4419 matches found
Liffy - Local File Inclusion Exploitation Tool
LFI Exploitation tool A little python tool to perform Local file inclusion. Liffy v2.0 is the improved version of liffy which was originally created by rotlogix/liffy. The latter is no longer available and the former hasn't seen any development for a long time. Main feature data:// for code...
CVE-2020-9351
An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the transaction parameter, the server replies with a verbose error showing where the application resides the...
CVE-2020-9352
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...
Integer overflow
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...
Directory traversal
An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML...
CVE-2020-9353
An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML...
AFLplusplus
This is a code repository for AFLplusplus, a tool for fuzz testing and vulnerability discovery. The repository contains various files and directories related to the project, including configuration files, makefiles, and documentation. The repository is organized as follows: .clang-format is a...
[SECURITY] Fedora 30 Update: texlive-base-20180414-37.fc30
The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...
Amazon Linux AMI : python27, python35, python36 (ALAS-2020-1342)
The version of python27 installed on the remote host is prior to 2.7.16-1.131. The version of python35 installed on the remote host is prior to 3.5.7-1.25. The version of python36 installed on the remote host is prior to 3.6.10-1.16. It is, therefore, affected by a vulnerability as referenced in...
[SECURITY] Fedora 31 Update: texlive-base-20190410-8.fc31
The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...
Fedora: Security Advisory for texlive-base (FEDORA-2020-bb5c663b83)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-15977
creationtimestamp| type| source ---|---|--- 2020-02-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48020 2024-03-19 15:16:48+00:00| seen| https://t.me/ctinow/211577...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0271
An update of 'libxml2', 'xerces-c' packages of Photon OS has been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0270
An update of 'sqlite-autoconf' packages of Photon OS has been released...
CVE-2019-9674
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service resource consumption via a ZIP bomb...
Nfstream - A Flexible Network Data Analysis Framework
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...
Pen Testing Ships. A year in review
Partially driven by the upcoming inclusion of Cyber Security by the IMO International Maritime Organisation, 2019 was a really busy year for maritime security testing at PTP. What can we all learn from a year of evaluating the security of ships? We’ve been involved in all sorts of ship testing,...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0203
An update of 'libxml2' packages of Photon OS has been released...
[SECURITY] Fedora 31 Update: python-pillow-6.2.2-1.fc31
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...
Centreon 19.10.5 - (centreontrapd) Remote Command Execution Exploit
Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentO...