Emerson VE6048R1P3 DeltaV Smart Switch Detection

Binary data 756868.prm...

Rockwell Automation 1756-DMA30/A High Performance Systems Modules

Binary data 754540.prm...

Rockwell Automation/Allen-Bradley Ethernet/IP Products Authentication Bypass

Binary data 720028.prm...

httpd: privilege escalation from modules scripts

A flaw was found in Apache where code executing in a less-privileged child process or thread could execute arbitrary code with the privilege of the parent process usually root. An attacker having access to run arbitrary scripts on the web server PHP, CGI etc could use this flaw to run code on the...

python27:2.7 security update

An update is available for python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet, python-markupsafe, python-pluggy,...

Fedora Update for dnf FEDORA-2019-1fccede810

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

The vulnerability of MicroLogix 1400 programmable logic controllers and ControlLogix communication modules lies in the lack of authentication for critical functions, allowing attackers to trigger malfunctions during maintenance operations.

The vulnerability of the microprogrammed logic controller MicroLogix 1400 and the communication module 1756 ControlLogix lies in the absence of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to cause a service failure by connecting via the CIP protoc...

Fedora Update for jackson-modules-base FEDORA-2019-df57551f6d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Termshark - A Terminal UI For Tshark, Inspired By Wireshark

A terminal user-interface for tshark, inspired by Wireshark. If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help! Features Read pcap files or sniff live interfaces where tshark is permitted. Inspect each packet using familiar...

Sensitive Information Leakage

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provide a stable release of Python 2.7 with a number of additional utilities and database connectors f...

Arbitrary File Read

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provide a stable release of Python 2.7 with a number of additional utilities and database connectors f...

Fedora 30 : php (2019-1d78e14cfd)

PHP version 7.3.4 04 April 2019 Core: - Fixed bug php77738 Nullptr deref in zendcompileexpr. Laruence - Fixed bug php77660 Segmentation fault on break 2147483648. Laruence - Fixed bug php77652 Anonymous classes can lose their interface information. Nikita - Fixed bug php77345 Stack Overflow cause...

CVE-2018-14875

An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. Reflected XSS exists with an authenticated session via the Customerid, formName, FrameId, or MODE parameter...

CVE-2018-14931

An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI...

CVE-2019-10309

The CVE-2019-10309 entry concerns the Jenkins Swarm Plugin (Swarm Client) where UDP-based master discovery responses are XML documents that are parsed without proper XXE protection. This XXE flaw could allow an unauthenticated attacker on the same network to read arbitrary files from Swarm client...

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006

The jQuery project released version 3.4.0, and as part of that, disclosed a security vulnerability that affects all prior versions. As described in their release notes: jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extendtrue, , .... If an unsanitized source object...

Zeebsploit - Web Scanner / Exploitation / Information Gathering

zeebsploit is a tool for hacking searching for web information and scanning vulnerabilities of a web Installation & Usage apt-get install git git clone https://github.com/jaxBCD/Zeebsploit.git cd Zeebsploit chmod +x install ./install python3 zeebsploit.py type 'help' for show modules and follow...

Zeebsploit - Web Scanner / Exploitation / Information Gathering

zeebsploit is a tool for hacking searching for web information and scanning vulnerabilities of a web Installation & Usage apt-get install git git clone https://github.com/jaxBCD/Zeebsploit.git cd Zeebsploit chmod +x install ./install python3 zeebsploit.py type 'help' for show modules and follow...

Authorization

ABAP BASIS function modules INSTCREATER3RFCDEST, INSTCREATETCPIPRFCDEST, and INSTCREATETCPIPRFCDEST in SAP BASIS fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53 do not perform necessary authorization checks in all circumstances for an authenticated user, resulting in...

CVE-2019-0279

ABAP BASIS function modules INSTCREATER3RFCDEST, INSTCREATETCPIPRFCDEST, and INSTCREATETCPIPRFCDEST in SAP BASIS fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53 do not perform necessary authorization checks in all circumstances for an authenticated user, resulting in...