Micro Focus SUSE Linux Enterprise Information Disclosure Vulnerability

Micro Focus SUSE Linux Enterprise is a suite of enterprise Linux operating systems from Micro Focus in the UK. A security vulnerability exists in pammodules in versions of Micro Focus SUSE Linux Enterprise prior to 12. An attacker could exploit the vulnerability to log in to an account that shoul...

Omnibus - Open Source Intelligence Collection, Research, And Artifact Management

An Omnibus is defined as a volume containing several novels or other items previously published separately and that is exactly what the InQuest Omnibus project intends to be for Open Source Intelligence collection, research, and artifact management. By providing an easy to use interactive command...

Gpredict - Satellite Tracking Application

Gpredict is a real-time satellite tracking and orbit prediction application. It can track a large number of satellites and display their position and other data in lists, tables, maps, and polar plots radar view. Gpredict can also predict the time of future passes for a satellite, and provide you...

CVE-2017-16127

The module pandora-doomsday infects other modules. It's since been unpublished from the registry...

Node.js third-party modules: XSS in express-useragent through HTTP User-Agent

Hello, I would like to report an XSS in express-useragent module due a lack of validating User-Agent header. Please note I already created an Github issue and asked for CVE CVE-2018-9863. I did not know about Node.js third-party modules on hackerone. Description express-useragent is simple...

openSUSE Security Update : kernel modules (openSUSE-2018-551) (Spectre)

This update provides rebuilt kernel modules for openSUSE Leap 42.3 with retpoline enablement to address Spectre Variant 2 CVE-2017-5715 bsc1068032. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

SUSE SLES12 Security Update : oracleasm kmp (SUSE-SU-2018:1503-1) (Spectre)

This update provides rebuilt kernel modules for SUSE Linux Enterprise 12 SP3 products with retpoline enablement to address Spectre Variant 2 CVE-2017-5715 bsc1068032. Following modules have been rebuilt : - drbd - oracleasm - crash - lttng-modules Note that Tenable Network Security has extracted...

SUSE-SU-2018:1503-1 Security update for oracleasm kmp

This update provides rebuilt kernel modules for SUSE Linux Enterprise 12 SP3 products with retpoline enablement to address Spectre Variant 2 CVE-2017-5715 bsc1068032. Following modules have been rebuilt: - drbd - oracleasm - crash - lttng-modules...

10-Strike Network Scanner 3.0 - Local Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Scanner 3.0 - Local Buffer Overflow SEH Exploit Author: Hashim Jawad - ihack4falafel Date: 2018-06-05 Vendor Homepage: https://www.10-strike.com/ Vulnerable Software: https://www.10-strike.com/network-scanner/network-scanner.exe Tested on: Windows XP Professional ...

Backdoorme - Powerful Auto-Backdooring Utility

Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time. Once an SSH connection has been established with the target,...

RouterSploit v3.0 - Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

SUSE-SU-2018:1486-1 Security update for HA kernel modules

This update provides rebuilds of HA kernel modules with retpoline support to mitigate Spectre Variant 2 CVE-2017-5715 bsc1068032 cluster fs also received these bugfixes: - backport patch to fix dlmglue false deadlock bnc962257 - Fix for online increase of filesystem in kernel mode fails bsc936517...

Design/Logic Flaw

ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules - Manage modules - edit" action to the manager/ URI...

CVE-2018-11572

ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules - Manage modules - edit" action to the manager/ URI...

CVE-2018-11572

ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules - Manage modules - edit" action to the manager/ URI...

CVE-2018-11572

ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules - Manage modules - edit" action to the manager/ URI...

ClipperCMS Cross-Site Scripting Vulnerability (CNVD-2018-10866)

ClipperCMS is a content management system CMS. A cross-site scripting vulnerability exists in the 'Module name' field under the 'Modules - Manage modules - edit' tag in ClipperCMS version 1.3.3. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

install-nw code execution vulnerability (CNVD-2018-10902)

install-nw is a tool for installing and caching NW.j modules. A security vulnerability exists in versions prior to install-nw 1.1.5, which originates when a program downloads JavaScript resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requested...

CVE-2018-11572

ClipperCMS 1.3.3 has an XSS vulnerability in the Module name field accessed via Modules → Manage modules → edit (manager/ URI). The issue allows injection of arbitrary web script or HTML (remote exploitation). Root cause: improper sanitization of the module name input. Impact: potential script ex...

ALPINE-CVE-2018-11235

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because...