20 matches found
CVE-2023-39342
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI dangerzone-cli command logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is...
Pantheon - Insecure Camera Parser
Pantheon is a GUI application that allows users to display information regarding network cameras in various countries as well as an integrated live-feed for non-protected cameras. Functionalities Pantheon allows users to execute an API crawler. There was original functionality without the use of...
CVE-2023-39342 Dangerzone CLI does not sanitize ANSI escape characters
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI dangerzone-cli command logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is...
Fedora: Security Advisory for python-vkbasalt-cli (FEDORA-2023-328397d034)
The remote host is missing an update for the...
[SECURITY] Fedora 37 Update: python-vkbasalt-cli-3.1.1.post1-1.fc37
vkbasalt-cli is a CLI utility and library in conjunction with vkBasalt. This makes generating configuration files or running vkBasalt with games easier. This is mainly convenient in environments where integrating vkBasalt is wishful, for example a GUI application. Integrating vkbasalt-cli allows ...
[SECURITY] Fedora 38 Update: python-vkbasalt-cli-3.1.1.post1-1.fc38
vkbasalt-cli is a CLI utility and library in conjunction with vkBasalt. This makes generating configuration files or running vkBasalt with games easier. This is mainly convenient in environments where integrating vkBasalt is wishful, for example a GUI application. Integrating vkbasalt-cli allows ...
MilleGPG5 5.9.2 Local Privilege Escalation
Exploit Title: MilleGPG5 5.9.2 Gennaio 2023 - Local Privilege Escalation / Incorrect Access Control Date: 2023-04-28 Exploit Author: Andrea Intilangelo Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it - https://millewin.it/prodotti/governo-clinico-3/ Software Link:...
CVE-2021-45809
GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the --script= parameter...
Malwarebytes CrackMe – contest summary
On October 29 we published our third CrackMe Challenge and announced two parallel tracks for the contest: "The fastest solve", and "The best write-up". In the first category, "The fastest solve", we got three winners already the first weekend following publication. Big congratulations to: @nazyw...
IRTriage - Incident Response Triage - Windows Evidence Collection For Forensic Analysis
Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically "Run As ADMINISTRATOR" in all Windows versions except WinXP. The original source was Triage-ir v0.851 an Autoit script written by Michael Ahrendt. Unfortunately Michael's last changes were posted...
My projects that are not related to Information Security: Yennysay TTS and PyTouchOk companion app
Thanks to the long New Year holidays in Russia, I had time to work on my own projects that are not related to information security. I released them on GitHub and recorded short demos (by the way, Zoom is quite convenient for this!). Yennysay is a GUI text-to-speech tool that uses a free offline T...
Twitter-Intelligence - Twitter Intelligence OSINT Project Performs Tracking And Analysis Of The Twitter
A project written in Python for Twitter tracking and analysis without using the Twitter API. Prerequisites This project is a Python 3.x application. The package dependencies are in the file requirements.txt. Run that command to install the dependencies. pip3 install -r requirements.txt Database SQLite...
Assessing Linux Security Configurations with SCAP Workbench
Recently I had a chance to work with OpenSCAP. It's a set of free and open-source tools for Linux Configuration Assessment and a collection of security content in SCAP (Security Content Automation Protocol) format. In this post I will write about SCAP Workbench. It is a GUI application that can check...
CVE-2015-8110
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsukernel.exe GUI application in the context of a temporary administrator account, aka a "local...
OWASP SSL audit: O-Saft
O-Saft is an easy-to-use tool to show information about SSL certificates and test the SSL connection according to a given list of ciphers and various SSL configurations. It’s designed to be used by penetration testers, security auditors or server administrators. The idea is to show the important...
[SuperPutty Password Decryptor] SuperPutty Session Login Password Recovery Software
SuperPutty Password Decryptor is a free desktop tool to instantly recover all the login passwords from SuperPutty session history. SuperPutty is a Windows GUI application that allows the PuTTY SSH client to be opened in tabs. It also stores the session details allowing users to automatically login...
RedHat Update for qt RHSA-2013:0669-01
The remote host is missing an update for the...
CentOS Update for tcl CESA-2013:0122 centos5
Check for the Version of tcl...
[SA20145] Sybase EAServer JPasswordField Password Disclosure
TITLE: Sybase EAServer JPasswordField Password Disclosure SECUNIA ADVISORY ID: SA20145 VERIFY ADVISORY: http://secunia.com/advisories/20145/ CRITICAL: Not critical IMPACT: Exposure of sensitive information WHERE: Local system SOFTWARE: Sybase EAServer 5.x http://secunia.com/product/5398/...
CVE-2004-0962
Apple Remote Desktop Client 1.2.4 is affected: when launched by an Apple Remote Desktop Administrator, it can run a GUI application as root, enabling remote authenticated users to execute arbitrary code with loginwindow active via Fast User Switching. This is corroborated by Red Hat and CVE datab...