Rocky Linux 8 : python27:2.7 (RLSA-2019:0981)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:0981 advisory. - SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the orderby parameter. CVE-2019-7164 - SQLAlchemy 1.2.17 has SQL Injectio...

AVS Audio Converter 10.3 Stack Overflow

Exploit Title: AVS Audio Converter 10.3 - Stack Overflow SEH Discovered by: Yehia Elghaly - Mrvar0x Discovered Date: 2022-10-16 Tested Version: 10.3.1.633 Tested on OS: Windows 7 Professional x86 pop+ret Address=005154E6 Message= 0x005154e6 : pop ecx pop ebp ret 0x04 | startnull PAGEEXECUTEREAD...

FTP Commander Pro 8.03 - Local Stack Overflow

FTP Commander Pro 8.03 - Local Stack Overflow Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor:...

Cotopaxi - Set Of Tools For Security Testing Of Internet Of Things Devices Using Specific Network IoT Protocols

Set of tools for security testing of Internet of Things devices using protocols like: CoAP, DTLS, HTCPCP, mDNS, MQTT, SSDP. Installation: Simply clone code from git: https://github.com/Samsung/cotopaxi Requirements: Currently Cotopaxi works only with Python 2.7.x, but future versions will work al...

Amazon Linux AMI : python27 (ALAS-2019-1230)

Python 2.7.x through 2.7.16 is affected by: Improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is: Information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit,...

EulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1277)

According to the version of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an incorrect netloc...

CVE-2019-9636

Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is: Information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are:...

Malwoverview - Tool To Perform An Initial And Quick Triage On Either A Directory Containing Malware Samples Or A Specific Malware Sample

Malwoverview.py is a simple tool to perform an initial and quick triage on a directory containing malware samples not zipped. This tool aims to : 1. Determining similar executable malware samples PE/PE+ according to the import table imphash and group them by different colors pay attention to the...

SQLMap v1.1.8 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

Leviathan - Wide Range Mass Audit Toolkit

Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. The main goal of this...

OpenDoor - OWASP Directory Access Scanner

This application scans the site directories and find all possible ways to login, empty directories and entry points. Scans conducted in the dictionary that is included in this application. This software is written for informational purposes and is an open source product under the GPL license...

swarm - A Modular Distributed Penetration Testing Tool

Swarm is an open source modular distributed penetration testing Tool that use distributed task queue to implement communication in the master-slave mode system and use MongoDB for data storage. It consists of a distributed framework and function modules. The function module can be an entirely new...

OWASP Directory Access scanner

OWASP Directory Access scanner This application scans the site directories and find all possible ways to login, empty directories and entry points. Scans conducted in the dictionary that is included in this application. This software is written for informational purposes and is an open source...

Not Your Average Banner Grabber: BannerGrab

Not Your Average Banner Grabber BannerGrab is a PHP-based banner-grabber, which not only helps you find juicy response headers but also, fetches subdomains, and scans the site’s plugins/themes/components if the site is running WordPress/Joomla. To get the subdomains, It uses one of the best...

Doork - Google Dorks Passive Vulnerability Auditor

doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks. doork can update his own database from ghdb and use it for find flaws without even contact the target endpoint. You can provide your custo...

OpenGraphiti: Data Visualization Engine

OpenGraphiti is a free and open source 3D data visualization engine for data scientists to visualize semantic networks and to work with them. It offers an easy-to-use API with several associated libraries to create custom-made datasets. It leverages the power of GPUs to process and explore the da...

Python Integer Overflow Vulnerability 01 (Oct 2014) - Mac OS X

Python is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescripti...