617 matches found
org.apache.poi:poi-examples (=3.11-beta1), org.apache.poi:poi-excelant (=3.11-beta1) +2 more potentially affected by CVE-2014-3574 via org.apache.poi:poi (=3.11-beta1)
org.apache.poi:poi MAVEN version =3.11-beta1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.poi:poi and may be impacted: - org.apache.poi:poi-examples =3.11-beta1 - org.apache.poi:poi-excelant =3.11-beta1 - org.apache.poi:poi-ooxml...
org.apache.activemq:apache-activemq (>=5.0.0 <=5.19.6), org.apache.axis2:axis2-integration (=1.4) +4 more potentially affected by CVE-2010-1587 via org.apache.activemq:activemq-web-console (>=5.0.0 <=5.3.0)
org.apache.activemq:activemq-web-console MAVEN version =5.0.0, =5.0.0, =5.19.6 - org.apache.axis2:axis2-integration =1.4 - org.apache.camel:camel-example-cxf =1.3.0 - org.apache.camel:camel-example-jms-file =1.3.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 -...
ch.qos.logback:logback-examples (>=1.3.0-alpha0 <=1.3.0-alpha4) potentially affected by CVE-2018-8088 via org.slf4j:slf4j-ext (>=1.8.0-beta0 <=1.8.0-beta1)
org.slf4j:slf4j-ext MAVEN version =1.8.0-beta0, =1.3.0-alpha0, =1.3.0-alpha4 Source cves: CVE-2018-8088 Source advisory: OSV:GHSA-W77P-8CFG-2X43...
Stripe: Tomcat Servlet Examples accessible at https://44.240.33.83:38443 and https://52.36.56.155:38443
Tomcat Servlet Examples were accessible from the internet. This report demonstrated that it was possible to disclose IP addresses of internal application servers...
Apache Tomcat Example Application CSRF and XSS Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters...
GHSA-G77G-VJJM-X83J Apache Tomcat Example Application CSRF and XSS Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters...
GHSA-HC39-RJWP-QFFQ Apache Tomcat XSS Vulnerabilities in Examples Web Application
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via...
Apache Tomcat XSS Vulnerabilities in Examples Web Application
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via...
GHSA-5HGM-QM5M-5VMW Jakarta Tomcat cross-site scripting (XSS) vulnerability
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML...
Undetectable Backdoors in Machine-Learning Models
New paper: "Planting Undetectable Backdoors in Machine Learning Models": Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectab...
WordPress Popup Maker 1.16.5 Plugin - Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...
[SECURITY] Fedora 36 Update: osgearth-3.2-7.fc36
osgEarth is a C++ terrain rendering SDK. Just create a simple XML file, point it at your imagery, elevation, and vector data, load it into your favorite OpenSceneGraph application, and go! osgEarth supports all kinds of data and comes with lots of examples to help you get up and running quickly a...
Exrop - Automatic ROP Chain Generation
Exrop is an automatic ROP chain generator tool which can build a gadget chain automatically from a given binary and constraints. Requirements: Triton, ROPGadget. Only supports x86-64 for now! Features: handling non-return gadgets jmp reg, call reg set registers rdi=0xxxxxx, rsi=0xxxxxx set register t...
Mageia: Security Advisory (MGASA-2018-0220)
The remote host is missing an update for the...
Mirai Botnet Abusing Log4j Vulnerability
Threat Researcher Larry Cashdollar has discovered evidence of the Mirai botnet abusing Log4j vulnerability and shares code examples...
com.github.lburgazzoli:atomix-boot (>=1.0.1 <=1.0.2), com.github.lburgazzoli:atomix-boot-examples (>=1.0.1 <=1.0.2) +123 more potentially affected by CVE-2020-35214 via io.atomix:atomix (>=0.1.0-beta1 <=3.1.5)
io.atomix:atomix MAVEN version =0.1.0-beta1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =3.0.0, =1.2.3-1, =0.0.2, =0.0.2, =0.0.21, =0.0.31, =0.2.12, =0.3.5 and more Source cves: CVE-2020-35214 Source advisory: OSV:GHSA-M4H3-7MC2-V295...
com.github.lburgazzoli:atomix-boot (>=1.0.1 <=1.0.2), com.github.lburgazzoli:atomix-boot-examples (>=1.0.1 <=1.0.2) +123 more potentially affected by CVE-2020-35216 via io.atomix:atomix (>=0.1.0-beta1 <=3.1.5)
io.atomix:atomix MAVEN version =0.1.0-beta1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =3.0.0, =1.2.3-1, =0.0.2, =0.0.2, =0.0.21, =0.0.31, =0.2.12, =0.3.5 and more Source cves: CVE-2020-35216 Source advisory: OSV:GHSA-6VVH-5794-VPMJ...
com.github.lburgazzoli:atomix-boot (>=1.0.1 <=1.0.2), com.github.lburgazzoli:atomix-boot-examples (>=1.0.1 <=1.0.2) +123 more potentially affected by CVE-2020-35211 via io.atomix:atomix (>=0.1.0-beta1 <=3.1.5)
io.atomix:atomix MAVEN version =0.1.0-beta1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =3.0.0, =1.2.3-1, =0.0.2, =0.0.2, =0.0.21, =0.0.31, =0.2.12, =0.3.5 and more Source cves: CVE-2020-35211 Source advisory: OSV:GHSA-4JHC-WJR3-PWH2...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228 Helpers Helpers, examples, and exploits for cv...
XC - A Small Reverse Shell For Linux And Windows
Netcat like reverse shell for Linux & Windows. Features Windows Usage: └ Shared Commands: !exit !upload uploads a file to the target !download downloads a file from the target !lfwd local portforwarding like ssh -L !rfwd remote portforwarding like ssh -R !lsfwd lists active forwards !rmfwd remove...