Gin-Vue-Admin 代码问题漏洞

Gin-Vue-Admin is a full-stack pre-development infrastructure platform based on Vue and Gin development. A code issue exists in Gin-Vue-Admin versions prior to 2.5.4, which stems from a validation of the fileMd5 and fileName parameters, which could lead to reading arbitrary files...

CVE-2019-15795 python-apt uses MD5 for validation

python-apt only checks the MD5 sums of downloaded files in Version.fetchbinary and Version.fetchsource of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions...

Trend Micro OfficeScan 11.0/XG (12.0) - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Trend Micro OfficeScan Remote Code Execution", 'Description' = %q This module exploits the authentication bypass and command injection vulnerabili...