Ikeext-Privesc - Windows IKEEXT DLL Hijacking Exploit Tool

This tool is intended for automatically detecting and exploiting the IKE and AuthIP IPsec Keyring Modules Service IKEEXT Missing DLL vulnerability. Description A major weakness is present in Windows Vista, 7, 8, Server 2008, Server 2008 R2 and Server 2012, which allows any authenticated user to...

WebAssembly Changes Could Ruin Meltdown/Spectre Browser Patches

Upcoming changes to the WebAssembly Wasm format may defang the browser patches for infamous side-channel attacks Meltdown and Spectre. Wasm was invented to improve execution speed for porting desktop applications to web-based environments; programs are compiled in Wasm and then can easily be run ...

Axis IP Cameras Memory Corruption Vulnerability

Axis IP Cameras is a network camera product from Axis, Sweden. A memory corruption vulnerability exists in several modules in Axis IP Cameras. An attacker could exploit this vulnerability to cause a denial of service memory corruption and crash...

Optiva Framework - Web Application Scanner

You can use this Framework on your website to check the security of your website by finding the vulnerability in your website or you can use this tool to Get admin panel search SQL injection by dork As well as collecting information and encrypting Hash. Features : Infromation Modules : Port Scann...

The OSINT Omnibus

An Omnibus is defined as a volume containing several novels or other items previously published separately and that is exactly what the InQuest Omnibus project intends to be for Open Source Intelligence collection, research, and artifact management. By providing an easy to use interactive command...

[SECURITY] Fedora 28 Update: ansible-2.5.5-2.fc28

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 27 Update: ansible-2.5.5-2.fc27

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

CVE-2018-12658

Reflected Cross-Site Scripting XSS exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stocktake/index.php?keywords= URI...

SUSE-SU-2018:1784-1 Security update for kernel modules packages

The following kernel modules were rebuild with 'retpoline' enablement to allow full mitigation of the Spectre Variant 2 CVE-2017-5715, bsc1068032 OFED was adjusted to add an entry to control the loading/unloading of cxgb4 to /etc/sysconf/infiniband bsc926856...

SUSE SLES11 Security Update : pam-modules (SUSE-SU-2018:1760-1)

This update for pam-modules fixes the following security issue : - CVE-2011-3172: Ensure that unix2chkpwd calls pamacctmgmt to prevent usage of locked accounts bsc707645. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

NX-OS Software Denial of Service Vulnerability in Multiple Cisco Products

Cisco Nexus 2000 Series Switches are switch devices.Fabric Modules are switch matrix modules.NX-OS Software is a set of data center-class operating system software that runs on them. NX-OS Software is a set of data center-grade operating system software used by the switches.Border Gateway Protoco...

SUSE-SU-2018:1760-1 Security update for pam-modules

This update for pam-modules fixes the following security issue: - CVE-2011-3172: Ensure that unix2chkpwd calls pamacctmgmt to prevent usage of locked accounts bsc707645...

Adobe CreativeCloud Input Validation and Encoding Vulnerability

Adobe Creative Cloud is a digital hub that provides access to every Adobe Creative Suite 6 desktop application, online services, and other newly released applications. Adobe CreativeCloud suffers from an input validation and encoding vulnerability that allows remote attackers to inject their own...

simple-npm-registry directory traversal vulnerability

simple-npm-registry is a package that supports distribution of private npm modules. A directory traversal vulnerability exists in simple-npm-registry. An attacker can exploit this vulnerability by placing a '. /' sequence in a URL to gain access to the file system...

Pure python post-exploitation RAT for macOS & OSX: EvilOSX

A pure python, post-exploitation, RAT Remote Administration Tool for macOS / OSX. Features Emulate a simple terminal instance Undetected by anti-virus OpenSSL AES-256 encrypted payloads, HTTPS communication Multi-threaded No client dependencies pure python Persistent Simple extendable module syst...

Security Bulletin: A vulnerability has been discovered in 40-GbE network interface modules for the IBM Security Network Protection XGS 7100 appliance (CVE-2016-8106)

Summary A denial of service vulnerability CVE-2016-8106 has been discovered in 40-GbE network interface modules for the IBM Security Network Protection XGS 7100 appliance. Vulnerability Details CVEID: CVE-2016-8106 DESCRIPTION: Intel Ethernet Controller X710/XL710 is vulnerable to a denial of...

Security Bulletin: A vulnerability in Pluggable Authentication Modules (PAM) affects IBM Security Network Protection (CVE-2015-3238)

Summary Pluggable Authentication Modules PAM provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. A security vulnerability has been discovered in PAM used with IBM Security Network Protection. Vulnerability Detai...

Satellite Tracking Application: Gpredict

Gpredict is a real-time satellite tracking and orbit prediction application. It can track a large number of satellites and display their position and other data in lists, tables, maps, and polar plots radar view. Gpredict can also predict the time of future passes for a satellite, and provide you...

CVE-2018-1419

IBM WebSphere MQ 8.0 and 9.0, when configured to use a PAM module for authentication, could allow a user to cause a deadlock in the IBM MQ PAM code which could result in a denial of service. IBM X-Force ID: 138949...

Metateta - Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit

Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit For faster pen testing for large networks What You Can Do Scanning with all metasploit modules for specific network Protocol like smb,smtp,snmp Run all Auxiliary modules against specific network Protocol Run al...