SpiderFoot v2.6.1 - Open Source Intelligence Automation
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose: There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaissance stage of the tes...
VM does not meet the requirements for storage snapshot based jobs
Challenge A task utilizing storage snapshot integration fails with any of the following errors: VM does not meet requirements for storage snapshot based jobs: its virtual disks are not located on supported storage VM does not meet requirements for storage snapshot based jobs: its files are locate...
Katana - Framework for Hackers, Professional Security and Developers
Katana is a framework written in Python for penetration testing, based on a simple and comprehensive structure that anyone can use, modify and share. The goal is to unify tools that serve professionals when making a penetration test or simply as a routine tool. The current version is not...
Critical: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.5 jboss-ec2-eap update
Updated jboss-ec2-eap packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat JBoss Enterprise Application Platform 6.4.4 on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. Commo...
Critical: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.5 update
Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.5 and fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Critical security impact. Common...
CVE-2015-1336
creationtimestamp| type| source
---|---|---
2015-12-02 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41158...
pcs security update
CentOS Errata and Security Advisory CESA-2015:2290 An updated pcs package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common...
openssh security, bug fix, and enhancement update
6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...
CVE-2015-7865
creationtimestamp| type| source
---|---|---
2015-11-23 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38792...
[SECURITY] Fedora 22 Update: postgresql-9.4.5-1.fc22
PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
[SECURITY] Fedora 22 Update: wildmagic5-5.13-12.fc22
A library of source code for computing in the fields of graphics, mathematics, physics, and image analysis. Web page documentation: http://www.geometrictools.com/Documentation/Documentation.html...
[SECURITY] Fedora 21 Update: wildmagic5-5.13-12.fc21
A library of source code for computing in the fields of graphics, mathematics, physics, and image analysis. Web page documentation: http://www.geometrictools.com/Documentation/Documentation.html...
The Artillery Project
Artillery is a combination of a honeypot, monitoring tool, and alerting system. Eventually this will evolve into a hardening monitoring platform as well to detect insecure configurations from nix systems. It’s relatively simple, run ./setup.py and hit yes, this will install Artillery in...
[SECURITY] Fedora 21 Update: ntp-4.2.6p5-34.fc21
The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...
SAP 3D Visual Enterprise Viewer Arbitrary Code Execution Vulnerability
SAP 3D Visual Enterprise Viewer VEV is a suite of software from SAP for viewing, zooming, panning and rotating interactive 3D data and playing step-by-step animations. A security vulnerability exists in SAP 3D Visual Enterprise Viewer VEV. The vulnerability can be exploited by a remote attacker t...
CVE-2015-7898
creationtimestamp| type| source
---|---|---
2015-11-03 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38610...
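Docker Remote API Unauthorized Access
Introduction: When Docker is used with cluster management such as Kubernetes or Swarm, the remote API is used to manage the nodes. The default port of the remote API is 2375 without authentication, and 2376 when TLS authentication is required. By default the remote API can be accessed directly without authentication and can operate Docker directly, for example creating containers, deleting containers, and viewing image and container information... For how to use the remote API, see the official Docker documentation. To check for unauthorized access to the Docker remote API, use curl or visit http://ip:2375/info directly in a browser; if JSON is returned, the vulnerability exists, as shown in the figure below. Other reference links...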
CVE-2015-4902
creationtimestamp| type| source
---|---|---
2015-10-28 15:34:58+00:00| seen| MISP/5630e8bc-eaf0-4130-a4d6-4609950d210b
2017-04-26 06:44:05+00:00| seen| MISP/59003521-ebbc-4b0b-92ed-3a25bce2ab96
2020-10-09 14:23:52+00:00| seen| MISP/ac986ebb-348a-4ad8-a64f-0afcac8f9b9b
2020-10-09 17:20:22+00:00|...
Mail.ru: [api.allodsteam.com] Authentication Data
api.allodsteam.com had an open public folder with some sensitive information for initial server setup, including sensitive internal documentation and database dumps...
RHEL 5 : JBoss EAP (RHSA-2015:1904)
Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.4 and fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common...