
7703 matches found

OSV
added 2019/03/28 5:29 p.m. | 1 view

ALPINE-CVE-2019-5737

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated...

7.5 CVSS | 8.9 AI score | 0.26351 EPSS
Exploits 0 | References 1
UbuntuCve
added 2019/03/28 5:29 p.m. | 31 views

CVE-2019-5737

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated...

7.5 CVSS | 6.8 AI score | 0.26351 EPSS
Exploits 0 | References 3
AlpineLinux
added 2019/03/28 4:20 p.m. | 75 views

CVE-2019-5737

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated...

7.5 CVSS | 7.9 AI score | 0.26351 EPSS
Exploits 0
Prion
added 2019/03/28 6:29 a.m. | 15 views

Deserialization of untrusted data

The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a...

7.5 CVSS | 9.7 AI score | 0.33438 EPSS
Exploits 1 | References 2 | Affected Software 1
Veracode
added 2019/03/25 8:40 a.m. | 30 views

Denial Of Service (DoS)

Apache Tomcat is vulnerable to denial of service. A remote user can send a malicious request with a malformed HTTP Host header via the Java AJP connector to cause the target mod_jk load balancing worker to be blocked for approximately one minute, resulting in a temporary denial of...

5 CVSS | 4.6 AI score | 0.17506 EPSS
Exploits 1 | References 52 | Affected Software 4
BDU FSTEC
added 2019/03/22 12:00 a.m. | 2 views

The vulnerability of the load_image function in the graphics library libcaca allows a hacker to execute arbitrary code.

The vulnerability of the load_image function in the graphic library libcaca is related to integer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.3 CVSS | 6.9 AI score | 0.01898 EPSS
Exploits 1 | References 11 | Affected Software 6
OSV
added 2019/03/21 4:00 p.m. | 0 views

UBUNTU-CVE-2018-16789

libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and taking the service down...

7.5 CVSS | 7.1 AI score | 0.00861 EPSS
Exploits 3 | References 3
NVD
added 2019/03/21 3:59 p.m. | 29 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.5 CVSS | 5.9 AI score | 0.00102 EPSS
Exploits 2 | References 8
RedHat Linux
added 2019/03/18 1:03 p.m. | 103 views

Moderate: Red Hat Security Advisory: openstack-octavia security update

An update for openstack-octavia is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

7.5 CVSS | 6.7 AI score | 0.00267 EPSS
Exploits 0 | References 6
Kitploit
added 2019/03/17 8:30 p.m. | 216 views

Mad-Metasploit - Metasploit Custom Modules, Plugins & Resource Scripts

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection https://www.hahwul.com/p/mad-metasploit.html Awesome open awesome.md Add mad-metasploit to metasploit framework 1. config your metasploit-framework directory $ vim config/config.rb $metasploitpath =...

7.5 AI score
Exploits 0 | References 2
Cvelist
added 2019/03/17 4:24 p.m. | 32 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.9 AI score | 0.00102 EPSS
Exploits 2 | References 8
RedHat Linux
added 2019/03/14 1:33 p.m. | 93 views

Moderate: Red Hat Security Advisory: openstack-octavia security and bug fix update

An update for openstack-octavia is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

7.5 CVSS | 6.7 AI score | 0.00267 EPSS
Exploits 0 | References 9
RedHat Linux
added 2019/03/14 7:58 a.m. | 93 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.10 haproxy security update

An update for haproxy is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

7.5 CVSS | 6.6 AI score | 0.00143 EPSS
Exploits 0 | References 2
exploitpack
added 2019/03/13 12:00 a.m. | 38 views

pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting

pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting Exploit Title: pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Stored Cross-Site Scripting Date: 13.02.2019 Exploit Author: Gionathan "John" Reale Vendor Homepage: https://www.pfsense.org Version: 2.4.4-p1/0.59_14 Software Link: N...

6.8 AI score
Exploits 0
Exploit DB
added 2019/03/13 12:00 a.m. | 44 views

pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting

Exploit Title: pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Stored Cross-Site Scripting Date: 13.02.2019 Exploit Author: Gionathan "John" Reale Vendor Homepage: https://www.pfsense.org Version: 2.4.4-p1/0.59_14 Software Link: N/A Google Dork: N/A CVE:2019-8953 Introduction pfSense® software is a free...

7.4 AI score
Exploits 0
0day.today
added 2019/03/13 12:00 a.m. | 64 views

pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Stored Cross-Site Scripting Exploit Author: Gionathan "John" Reale Vendor Homepage: https://www.pfsense.org Version: 2.4.4-p1/0.59_14 Software Link: N/A Google Dork: N/A CVE:2019-8953...

4.3 CVSS | 6.4 AI score | 0.71724 EPSS
Exploits 3
Microsoft KB
added 2019/03/12 12:00 a.m. | 4 views

September 20, 2018—KB4457139 (Preview of Monthly Rollup)

September 20, 2018—KB4457139 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4457144 released September 11, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Address...

6.6 AI score
Exploits 0
Microsoft KB
added 2019/03/12 12:00 a.m. | 3 views

September 20, 2018—KB4457133 (Preview of Monthly Rollup)

September 20, 2018—KB4457133 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4457129 released September 11, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Address...

6.9 AI score
Exploits 0
Positive Technologies
added 2019/03/09 12:00 a.m. | 4 views

PT-2019-17836 · Node.Js +7

Name of the Vulnerable Software and Affected Versions: Node.js versions 6.x before 6.17.0 Node.js versions 8.x before 8.15.1 Node.js versions 10.x before 10.15.2 Node.js versions 11.x before 11.10.1 Description: An attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS...

9.8 CVSS | 7.8 AI score | 0.90232 EPSS
Exploits 54 | References 604
Kitploit
added 2019/03/08 8:11 p.m. | 273 views

Cat-Nip - Automated Basic Pentest Tool (Designed For Kali Linux)

Cat-Nip Automated BasicPentest Tool this tool will make your basic pentesting task like Information Gathering, Auditing, And Reporting so this tool will do every task fully automatic. Usage Guide Download / Clone Cat-Nip git clone https://github.com/baguswiratmaadi/catnip Go Inside Cat-Nip Dir cd...

7.4 AI score
Exploits 0 | References 1