Oracle Linux 8 : python3 (ELSA-2020-1764)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1764 advisory. - Security fix for CVE-2019-16056 Resolves: rhbz1750776 - Security fix for CVE-2018-20852 Resolves: rhbz1741553 Tenable has extracted the preceding...

Important: python3

Issue Overview: An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer...

Exploit for Classic Buffer Overflow in Raidenftpd

CVE-2023-39063 This repository contains an exploit for the vul...

OESA-2023-1519 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

Rocky Linux 8 : python3 (RLSA-2023:3591)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3591 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank...

Exploit for Path Traversal in Thruk

Thruk-CVE-2023-34096 Thruk Monitoring Web Interface versions...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CVE-2019-9053 Exploit Python 3 This repository contains an e...

slixmpp: Insufficient Certificate Validation

Background slixmpp is a Python 3 library for XMPP. Description slixmpp does not validate hostnames in certificates used by connected servers. Impact An attacker could perform a man-in-the-middle attack on users' connections to servers with slixmpp. Workaround There is no known workaround at this...

QuadraInspect - Android Framework That Integrates AndroPass, APKUtil, And MobFS, Providing A Powerful Tool For Analyzing The Security Of Android Applications

The security of mobile devices has become a critical concern due to the increasing amount of sensitive data being stored on them. With the rise of Android OS as the most popular mobile platform, the need for effective tools to assess its security has also increased. In response to this need, a ne...

Zentao Project Management System 17.0 - Authenticated Remote Code Execution Exploit

Exploit Title: Zentao Project Management System 17.0 - Authenticated Remote Code Execution RCE Exploit Author: mister0xf Software Link: https://github.com/easysoft/zentaopms Version: tested on 17.0 probably works also on newer/older versions Tested On: Kali Linux 2022.2 Exploit Tested Using: Pyth...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2023-1414)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non- default configuration. The Python...

Thunderstorm - Modular Framework To Exploit UPS Devices

Thunderstorm is a modular framework to exploit UPS devices. For now, only the CS-141 and NetMan 204 exploits will be available. The beta version of the framework will be released on the future. CVE Thunderstorm is currently capable of exploiting the following CVE: CVE-2022-47186 – Unrestricted fi...

Exploit for OS Command Injection in Netgate Pfblockerng

CVE-2022-31814 WebApp bug import argparse import requ...

Reverseip_Py - Domain Parser For IPAddress.com Reverse IP Lookup

Domain parser for IPAddress.com Reverse IP Lookup. Writen in Python 3. What is Reverse IP? Reverse IP refers to the process of looking up all the domain names that are hosted on a particular IP address. This can be useful for a variety of reasons, such as identifying all the websites that are...

Exploit for Unrestricted Upload of File with Dangerous Type in Tecrail Responsive_Filemanager

ResponsiveFileManager-CVE-2022-46604 Responsive FileManager v...

Ghauri - An Advanced Cross-Platform Tool That Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws

An advanced cross-platform tool that automates the process of detecting andexploiting SQL injection security flaws Requirements Python 3 Python pip3 Installation cd to ghauri directory. install requirements: python3 -m pip install --upgrade -r requirements.txt run: python3 setup.py install or...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134check The script is used to check remotely if...

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525check Description: This script checks for the...

[SECURITY] Fedora 36 Update: python2.7-2.7.18-23.fc36

Python 2 is an old version of the language that is incompatible with the 3.x line of releases. The language is mostly the same, but many details, especial ly how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been...

[SECURITY] Fedora 37 Update: python2.7-2.7.18-26.fc37

Python 2 is an old version of the language that is incompatible with the 3.x line of releases. The language is mostly the same, but many details, especial ly how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been...