WSVuls - Website Vulnerability Scanner Detect Issues (Outdated Server Software And Insecure HTTP Headers)

WSVuls Website vulnerability scanner detect issues outdated server software and insecure HTTP headers. What's WSVuls? WSVuls is a simple and powerful command line tool for Linux, Windows and macOS. It's designed for developers/testers and for those workers in IT who want to test vulnerabilities a...

Security Bulletin: IBM Sterling Global Mailbox vulnerable to sensitive information exposure due to Jackson Data Mapper (CVE-2019-10172)

Summary Data mapper for Jackson is shipped with IBM Sterling Global Mailbox. Sensitive information exposure due to XXE error impacts Data mapper for Jackson. Remediation is available for the issues. Vulnerability Details CVEID: CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote...

IAM Vulnerable - Use Terraform To Create Your Own Vulnerable By Design AWS IAM Privilege Escalation Playground

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground. IAM Vulnerable uses the Terraform binary and your AWS credentials to deploy over 250 IAM resources into your selected AWS account. Within minutes, you can start learning how to identify and exploit...

device-mapper-persistent-data bug fix and enhancement update

An update is available for device-mapper-persistent-data. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, se...

device-mapper-multipath bug fix and enhancement update

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

device-mapper-multipath bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

ALBA-2021:4367 device-mapper-multipath bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

Security Bulletin: Jackson Data Mapper Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-10172)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data. By sending ...

OESA-2021-1342 jackson security update

JSON processor written in Java., it also offers full node-based Tree Model, as well as full Object/Json Mapper data binding functionality. Security Fixes: A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write. Qt 5.0.0 through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke. Remediation Upgrade qt to version 6.2.4 or higher. References -...

Django path traversal vulnerability (CNVD-2022-31940)

Django is the Django Foundation's set of open source web application framework based on the Python language . The framework includes an object-oriented mapper, view system, template system, etc. Django has a path traversal vulnerability that stems from the fact that a user can use the:...

awesome-windows-exploitation

This is a curated list of Windows exploitation resources and tools. The repository is a collection of articles, tutorials, and tools for Windows exploitation, including stack overflows, heap overflows, and kernel-based Windows overflows. The list includes resources such as articles from Phrack, a...

device-mapper-multipath bug fix and enhancement update

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

device-mapper-multipath bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

PT-2021-8032 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.18-53-default 1 SLE15-SP3 Description: The vulnerability is related to a double free of the blk mq tag set in the device-mapper table for a request-based mapped device. When the allocation/initialization of...

The vulnerability of the RPC Endpoint Mapper service on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the RPC Endpoint Mapper service on Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

PT-2021-12003 · Vaadin · Com.Vaadin:Flow-Server +1

Name of the Vulnerable Software and Affected Versions: com.vaadin:flow-server versions 3.0.0 through 3.0.5 Vaadin versions 15.0.0 through 15.0.4 Description: The issue is related to an insecure configuration of the default ObjectMapper in the affected software. This may expose sensitive data if t...

Microsoft Windows and Windows Server Elevation of Privilege Vulnerability (CNVD-2021-34472)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the RPC Endpoint Mapper Service in...

Microsoft Windows Multiple Vulnerabilities (KB5001335)

This host is missing a critical security update according to Microsoft KB5001335 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-27091

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability...