a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +93 more potentially affected by CVE-2021-29545 via tensorflow-cpu (>=1.15.0 <=2.2.0)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.0.1, =0.3.3 - cemotion-apple =0.0.7 and more Source cves: CVE-2021-29545 Source advisory: OSV:PYSEC-2021-473...

a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +1353 more potentially affected by CVE-2021-29555 via tensorflow (>=1.0.1 <=2.1.2)

tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =0.0.6, =0.1.0, =0.0.1, =1.1.2, =0.0.1, =2.0.0, =0.3.26, =0.2.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2021-29555 Source advisory: OSV:PYSEC-2021-192...

01os (>=0.0.1 <=0.0.14), 0b1-protocol (>=0.1.0 <=0.1.3) +39368 more potentially affected by CVE-2021-21330 via aiohttp (>=0.13.1 <=3.7.3)

aiohttp PYPI version =0.13.1, =0.0.1, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =0.1.0, =0.1.1, =0.1.2, =0.1.3 - 1942pyc =7.0.1 - 1claw-crewai-tools =0.1.0 - 1m-trade =0.3.0 and more Source cves: CVE-2021-21330 Source advisory: OSV:PYSEC-2021-76...

abba-python (>=0.1.6 <=0.3.0), adpred (>=1.1.2 <=1.2.7) +245 more potentially affected by CVE-2020-26267 via tensorflow (>=1.0.1 <=1.15.4)

tensorflow PYPI version =1.0.1, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =0.2.0, =0.4.2, =0.1.1, =0.1.5 - autobazaar =0.1.0 - autogan =0.0.5 - automationobjectdetection-sandeepjena7 =0.0.1 - automl-lib =0.0.1 and more Source cves: CVE-2020-26267 Source advisory: OSV:PYSEC-2020-140...

anews (>=0.1.0 <=1.30.0), arquants (>=0.0.22 <=0.0.27) +61 more potentially affected by CVE-2020-11078 via httplib2 (>=0.10.3 <=0.17.3)

httplib2 PYPI version =0.10.3, =0.1.0, =0.0.22, =0.7.1, =0.0.0, =0.0.1, =3.40.0, =0.0.3, =0.5.0, =2.0.0, =0.1.2, =0.8.2, =0.8.6 and more Source cves: CVE-2020-11078 Source advisory: OSV:GHSA-GG84-QGV9-W4PQ...

Security Bulletin: Multiple security vulnerabilities were fixed in IBM Security Access Manager Appliance

Summary Multiple vulnerabilities in the python libraries used by the IBM Security Access Manager appliance. Vulnerability Details CVEID: CVE-2019-9948 DESCRIPTION: urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection...

USN-4106-1: NLTK vulnerability

Mike Salvatore discovered that NLTK mishandled crafted ZIP archives during extraction. A remote attacker could use this vulnerability to write arbitrary files to the filesystem...

PcapXray v2.5 - A Network Forensics Tool To Visualize A Packet Capture Offline As A Network Diagram

PcapXray is a Network Forensics Tool To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. PcapXray Design Specification Goal: Given a Pcap File, plot a network diagram displaying hosts in the network,...

GHSA-3JQW-CRQJ-W8QW Denial of service in django

The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...

Denial of service in django

The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...

Masc - A Web Malware Scanner

A malware web scanner developed during CyperCamp Hackathon 2017. Features At the moment, there are some features avaiable for any type of website custom or CMS and some of them only available for specific platforms: Scan any website for malware using OWASP WebMalwareScanner checksum, YARA rules...

DumpsterDiver - Tool To Search Secrets In Various Filetypes

DumpsterDiver is a tool used to analyze big volumes of various file types in search of hardcoded secret keys e.g. AWS Access Key, Azure Share Key or SSH keys. Additionally, it allows creating a simple search rules with basic conditions e.g. reports only csv file including at least 10 email...

MalPipe - Malware/IOC Ingestion And Processing Engine

MalPipe is a modular malware and indicator collection and processing framework. It is designed to pull malware, domains, URLs and IP addresses from multiple feeds, enrich the collected data and export the results. At this time, the following feeds are supported: VirusTotal...

inforfinder - Tool To Collect Information Of Any Domains Pointing At Some Server (Ip, Domain, Range, File)

Inforfinder is a tool made to collect information of any domain pointing at a server ip,domain,range,file. Requires python libs: pyRequests and pyDNS -First, you need to install complementary libraries: user@machine$ sudo apt-get install python-dns python-dnspython python-requests python-lxml...

datasploit - A tool to perform various OSINT techniques

A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data. Overview of the tool: Performs OSINT on a domain / email / username / phone and find out information from different sources. Correlates and...

Amazon Linux AMI : python26 / python27,python34 (ALAS-2016-724)

It was found that Python's httplib library used urllib, urllib2 and others did not properly check HTTP header input in HTTPConnection.putheader. An attacker could use this flow to inject additional headers in a Python application that allows user provided header name or values. CVE-2016-5699 It w...

DidierStevensSuite

It is an offensive tool for reverse-engineering and malware anal...

[Kvasir] Tools for effective data management during a Penetration Test

Welcome to Kvasir! Herein these directories lay the groundwork tools for effective data management during a Penetration Test. Penetration tests can be data management nightmares because of the large amounts of information that is generally obtained. Vulnerability scanners return lots of actual an...

Oracle Linux 3 / 4 : 4Suite (ELSA-2009-1572)

From Red Hat Security Advisory 2009:1572 : An updated 4Suite package that fixes one security issue is now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The 4Suite package contains XML-related...

DEBIAN-CVE-2013-1665

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External...